General
-
Target
ExLoadFree_4.22.exe
-
Size
385KB
-
Sample
240402-cgk2gade7w
-
MD5
71a4c65722e745b09ca8e50e83da6460
-
SHA1
e0d434417cb27783975cf3c38a41687433018896
-
SHA256
d01193c7ef2bcdadd05dc110eb8a315939c7e2cf14c7b596691396f6d3944390
-
SHA512
99e6c4416e70a07751406d8c266a07ea43978027073e68fdbb83402a84f02bc0ba582e155b7106c66127f4c42137fdd91f66a5a79bacd92baa489fb02d4157cb
-
SSDEEP
12288:U15wgj/9tn4XkiY5NwcRfsHmAfq1wNp+K:e5wg30kVE+EHywh
Static task
static1
Behavioral task
behavioral1
Sample
ExLoadFree_4.22.exe
Resource
win11-20240221-en
Malware Config
Targets
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-