General

Target: Full_Setup_Installer.exe
Size: 84.3MB
Sample: 240401-s9xhzagg4w
MD5: 8b624521d1738fbcc41d3579c69154bd
SHA1: 619ea5848b7bd644cd547d50a6c89dd3b8e17c4c
SHA256: 6518ca0d69133ff622a3d6e168caf6edec6abc20ecfdbf9444043a7e79c7caa0
SHA512: 6b637f6dcfadc04ccf3fb14fbd2bbc2b8fddcfef09dc90e7dbae60fae076ab50025de57b4cbeb152755377735a88cc6f80e1df8c7c8ba6ddaf300ae37181a57c
SSDEEP: 1572864:K+xiGHpY6LR9w6BCv83y6RuHJKfx/JrL/jqL++9DpkXCWqVDu0xXEpB:K+hzD8wneKfxxDm++DK6VDX6
Static task: static1

Behavioral task: behavioral1
Sample: Full_Setup_Installer.exe
Resource: win10-20240214-en

Behavioral task: behavioral2
Sample: Installer_X_v5.7.0.exe
Resource: win10-20240221-en
Malware Config

Targets

Target: Full_Setup_Installer.exe
Score: 10/10

Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.

- Suspicious use of NtCreateUserProcessOtherParentProcess
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
Target: Installer_X_v5.7.0.exe
Size: 83.1MB
MD5: 0b6171cf84209d1441665c06ce80c339
SHA1: fe2d66a3009497846fb928392d7a10cb4d9671bb
SHA256: 2e8b04e706c5dfc026de790dbcbac568063d7dfddf5f4d7592751435518adf8f
SHA512: 9e640a4a0e6f8deec738b37642d812fa4f4243a43b9bd29c4f2cc80314962586a0b997e92ccfd411886ad25741d324e00d3c7989d24efae957f81108768aff16
SSDEEP: 1572864:ptuVMkFEruUp6/pjFzM374tHzjLi12oRshtlm8dGvdkGROvg+hcLVDgLe:pEOfTpmpjG37eoR+Dm8kVjug+hcxDZ
Score: 1/10