General
-
Target
0b64671581f1f8be974fdea937942df072341dc17f146fa96f0c75b802c8ed5a
-
Size
22.1MB
-
Sample
240404-pm2ydsfb3y
-
MD5
84b7497c47ff672260fc77e5120b8f62
-
SHA1
9c9feaec39f89530b10fccccefef716a7d077338
-
SHA256
0b64671581f1f8be974fdea937942df072341dc17f146fa96f0c75b802c8ed5a
-
SHA512
2565ac3d2c316d705cd0c31ad0094dc256a603f5376742a43d433290a9401ec48545c0225f20fd413d9c49849270307274898f0521113e9b3a8a40d1d2452a57
-
SSDEEP
393216:W6tDL7P6EJ5kgaaDOPrbodNQLzTOxTgiLB1qhE9wn11a6ABbL+OjPFjqN0/Ltjam:WkLblJPaaiHovQPaohE9219O5xTDtjw+
Static task
static1
Behavioral task
behavioral1
Sample
Loader.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Loader.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
opengl32.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
opengl32.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
Loader.exe
-
Size
69.9MB
-
MD5
0e3f59387c131274d399813d1d95d80c
-
SHA1
f09cce4678a762cfe87dbc5c8b68f9a951afebb2
-
SHA256
558be4bca2165d9e1335330cfacc0ff3c175ed21dfe17c7421b3b1bae6348a6a
-
SHA512
fc04a75b47d0780212971e7a1db91df5f4d98ed796379bea053fb2c2578b3de42a6da561ce1579479f6f5088a06ff32d6945ac5fe112a5ca236f5453c60e54e1
-
SSDEEP
393216:S0tsUElbLI3r6B6Xlek/Kez3sFumIYUDfLFokwsWtjGHx:SEIHIjlek/KY4bIYU7/wsfx
Score 10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Target
opengl32.dll
-
Size
546KB
-
MD5
9795ea8a41f5017adf924489d8c4e43c
-
SHA1
1d830d37d23833c264b60841a506d18a61dbba44
-
SHA256
c12b92c7069755538b3a0383ef8f296c0313470190b73385008abf519e0ce8f6
-
SHA512
dd885a4ddf777d09c4449cb11a73ebddfde49d33fbaf8274eb9cc426fcf82ee1a0fb174b86c9925b14c2fd494690441e3dde76c84a9d2652881c267217bc33a3
-
SSDEEP
24:mHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHw:n
Score 1/10