General

  • Target

    ExLoadFree_4.22.exe

  • Size

    385KB

  • Sample

    240402-cgk2gade7w

  • MD5

    71a4c65722e745b09ca8e50e83da6460

  • SHA1

    e0d434417cb27783975cf3c38a41687433018896

  • SHA256

    d01193c7ef2bcdadd05dc110eb8a315939c7e2cf14c7b596691396f6d3944390

  • SHA512

    99e6c4416e70a07751406d8c266a07ea43978027073e68fdbb83402a84f02bc0ba582e155b7106c66127f4c42137fdd91f66a5a79bacd92baa489fb02d4157cb

  • SSDEEP

    12288:U15wgj/9tn4XkiY5NwcRfsHmAfq1wNp+K:e5wg30kVE+EHywh

Score
10/10

Malware Config

Targets

    • Target

      ExLoadFree_4.22.exe

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks