General

  • Target: cfd2733ba128f49a373042a1a6c3fe19.bin
  • Size: 374KB
  • Sample: 240403-b8p9tscd3t
  • MD5: 446d254049f580413c5c28782347855a
  • SHA1: 5ed833a5f52ae7dfcc610e9a1a8bc182c0b870a8
  • SHA256: 7b4f73624fa6f3b155bd1adb5e32c703f4c7afb3120d2d3d0e1f36bf173687dc
  • SHA512: a2c71474b2c3891adb6d7002137e8f74a2d578b138a3cb8afb22a34cc4f68e59cd8de42b33f33effaf9e19797df39ae0b77cc77c650766ae47c77c94b598aba9
  • SSDEEP: 6144:3ihFNMAQEDUuTrafpy5UFEDSREgnc0lSnP3Kj8ysvzTR7ntSmT1uUuc1MS:SNvrfOe+7SfKj27ntSqQm1MS

Score
10/10

Malware Config

Targets

    • Target: 5d93c67ddde2e5fdc00a4e5777aa37d9ea4639227c633d044fb467b210640d28.exe
    • Size: 386KB
    • MD5: cfd2733ba128f49a373042a1a6c3fe19
    • SHA1: 5782fffc3d9e4d815fa0ec6315c5f237edfb9ae9
    • SHA256: 5d93c67ddde2e5fdc00a4e5777aa37d9ea4639227c633d044fb467b210640d28
    • SHA512: be1a9fae4148cd6b567903f8fe707c1812d2782c8a718f81f6d30240c498f1aa5419f5fc22a318727a07e0e232c1538209743a97b9c01e5f4a679462ac2819d8
    • SSDEEP: 12288:DHKzTnUs8oF7lWrf4p0fM5kzzLsK8Qll6V:DqzTUvEjCfMiHYMoV

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks