General
-
Target
connection1503.zip
-
Size
12.9MB
-
Sample
240404-lk8flsbe41
-
MD5
16da8b84380d4eb1d92096a960a4712b
-
SHA1
f2bba904ae855ef33c089aee7f3e16242b73dc7f
-
SHA256
d671593564859879c1864906762f67c6b90efa92595ba4a0ad243a0a7be25c27
-
SHA512
8f96e17ac08685c60d1665d11ba434b0e4b0afe7a5ff1dc0bcb9235c348703942829c1ba05133802d603bc7760165e8e67d907a3d1d8fbca941ce78d44451894
-
SSDEEP
393216:m1q9tet4Da2RozpPcT0CEvCAcuytGbt/Idu5FNr:m1q3eqDIfvquyMI45FNr
Static task
static1
Behavioral task
behavioral1
Sample
connection1503.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
connection1503.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
connection1503.exe
-
Size
43.9MB
-
MD5
43430554370c916d462360e4f99ce14e
-
SHA1
d8a319a2927bc70008d807f65c0b085424e17fde
-
SHA256
97ad9ec5accd668882437d7af85ed8c5228fb2f5ceb035ebd15a569eb10ee957
-
SHA512
38aa7550e1babd193e19967a175c3986daaa7366bcbe621893f6eda2250d80feff63f2c26ffe39d225e9f6186dcfe40e44fb653e25c5419cbbc2dc2f998bd6e1
-
SSDEEP
196608:vchI3nkY+Za8caFGzCQJ2xo3NDeZfMITDFAi7xz19Adyah/tv:0S3kYckaFgso3ND4VFAQz12dttv
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-