General
Target: Leonardo_Al.zip
Size: 113.7MB
Sample: 240403-ylx3gsba5t
MD5: bd7907bdada13292c0e01e5d5b7f523a
SHA1: d9196a3dfb8d2b08dd977f03fb70776a481ed492
SHA256: 633d5f336758fb117aa71edf1871c393c9fe3313abe61bec31974638ed9d7ce8
SHA512: d62d822ab3591e6cdc6db06b1d215b7856fab08d28ffa62df5147ec1f3117c633505998243258815e7d47c0b5b8c8c6e556c9bd023f51a7608e0ed6ae9dac5e3
SSDEEP: 3145728:uM/VFo4s+NLcAt6M7/BeP6W4iEwkD671YX3yWUTB:zmtoLcAt6+4PLEwkG7hWa
Behavioral task: behavioral1
Sample: Leonardo_Al/LeonardoAl_Setup.exe
Resource: win7-20240220-en

Behavioral task: behavioral2
Sample: Leonardo_Al/LeonardoAl_Setup.exe
Resource: win10v2004-20240319-en

Behavioral task: behavioral3
Sample: Leonardo_Al/Update_Leo.pdf
Resource: win7-20240221-en

Behavioral task: behavioral4
Sample: Leonardo_Al/Update_Leo.pdf
Resource: win10v2004-20240226-en

Behavioral task: behavioral5
Sample: Leonardo_Al/g2m.dll
Resource: win7-20240221-en

Behavioral task: behavioral6
Sample: Leonardo_Al/g2m.dll
Resource: win10v2004-20240226-en
Malware Config
Targets

Target: Leonardo_Al/LeonardoAl_Setup.exe
Size: 31KB
MD5: 3e71ed46603b02a94b921411a19b7a5c
SHA1: b1374ef6717635d07015d8acb700cf95b2a66b12
SHA256: 1131f33552a12921f6f4d7d9e503feae4b12c367d5377e226acf270f6b58ca6e
SHA512: 28555a8bf20e4f8d42b21685c06e429bc5261f75e9fb65b970a322907d7da4a4ee7d367f4637ea4abb6ef32fae8e71a9d92b4f253a201e94548d68281edccbaf
SSDEEP: 384:e8Kj/M8yEryzqEt7a9Oey+IFdP64VYaEwDtiBgxoxlnLr2STcEICxXBhgBx4eMDa:eDD1r+VWOV+csoHViBBn+EFIqeMDGvaS
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Target: Leonardo_Al/Update_Leo.inf
Size: 130.0MB
MD5: f158d3387c6e2cb1b482f7b7abee7e20
SHA1: 9aadedb8049339dd027a45bc733caa1f6f3dc7a9
SHA256: c052369f476b624913e8aec1a3ba729d30b5d5f145c4c5c58d64f7d09cfa54b5
SHA512: 93e92533c93d966007eaf6fb35772e362326eb8bd321f1db28cfa98943277589a393081157a8832f162776127eb91974e3f93a2ea3475e936db1f228973bc40e
SSDEEP: 3145728:96lH+byk0ZggBznCh2HCea5bQ92NmDVr9XqnZGWp:
Score: 1/10
Target: Leonardo_Al/g2m.dll
Size: 130.0MB
MD5: 0722be7f0411d54e95107a11836c6e03
SHA1: b39f9247119b18fc9c846f73c810f426015b964b
SHA256: 8814bdaaf5c686485ef864c25e2524e662dcfc37a393b0d8faa8d74a556df4b3
SHA512: 0116217df19b9cc76c0301a7838fb08221a71696d9dc4c82895faae67d8495bd63b4b61d2fa0c8a3a76311faac3d85f2a95b16c8a47ade3e428102769323d13b
SSDEEP: 786432:fUP7GCGO7b0Srkx/tC0SzIdSwh/WxbpNHQD3trzRp:fUP7GCG64Srkx1hSzYsHQD3t/R
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess