General

  • Target

    download (2).dat

  • Size

    436KB

  • Sample

    240404-kyh77sah8t

  • MD5

    82ae62b02c88994254a2e6ae38671cac

  • SHA1

    438ecf90a33c1876378ea05a18a138e53e35a0be

  • SHA256

    a5798e0229fe027c248cb9d8a2ec0c1b790e6f9e79f9a6f397acf9e2f0394d4a

  • SHA512

    2077c964f39fad5869561b187a66b914842d5b5d4f5e7cbcb18a42f550aec6f90e8f70e0399aaf3f8f071c795936b1fdc6c493d02701ad628a9e3cdfbda00d15

  • SSDEEP

    6144:e2qezd2ab1/RuHk+M3k8M3W7XomjOJCqshrOlumY6DMIewgxQfqesb:ef2R/EEkCQFYDwRqp

Score
10/10

Targets

    • Target

      download (2).dat

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself
