General
-
Target
download (2).dat
-
Size
436KB
-
Sample
240404-kyh77sah8t
-
MD5
82ae62b02c88994254a2e6ae38671cac
-
SHA1
438ecf90a33c1876378ea05a18a138e53e35a0be
-
SHA256
a5798e0229fe027c248cb9d8a2ec0c1b790e6f9e79f9a6f397acf9e2f0394d4a
-
SHA512
2077c964f39fad5869561b187a66b914842d5b5d4f5e7cbcb18a42f550aec6f90e8f70e0399aaf3f8f071c795936b1fdc6c493d02701ad628a9e3cdfbda00d15
-
SSDEEP
6144:e2qezd2ab1/RuHk+M3k8M3W7XomjOJCqshrOlumY6DMIewgxQfqesb:ef2R/EEkCQFYDwRqp
Static task
static1
Behavioral task
behavioral1
Sample
download (2).exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
download (2).exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
download (2).dat
-
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Deletes itself
-