General

  • Target

    0b64671581f1f8be974fdea937942df072341dc17f146fa96f0c75b802c8ed5a

  • Size

    22.1MB

  • Sample

    240404-pm2ydsfb3y

  • MD5

    84b7497c47ff672260fc77e5120b8f62

  • SHA1

    9c9feaec39f89530b10fccccefef716a7d077338

  • SHA256

    0b64671581f1f8be974fdea937942df072341dc17f146fa96f0c75b802c8ed5a

  • SHA512

    2565ac3d2c316d705cd0c31ad0094dc256a603f5376742a43d433290a9401ec48545c0225f20fd413d9c49849270307274898f0521113e9b3a8a40d1d2452a57

  • SSDEEP

    393216:W6tDL7P6EJ5kgaaDOPrbodNQLzTOxTgiLB1qhE9wn11a6ABbL+OjPFjqN0/Ltjam:WkLblJPaaiHovQPaohE9219O5xTDtjw+

Score
10/10

Malware Config

Targets

    • Target

      Loader.exe

    • Size

      69.9MB

    • MD5

      0e3f59387c131274d399813d1d95d80c

    • SHA1

      f09cce4678a762cfe87dbc5c8b68f9a951afebb2

    • SHA256

      558be4bca2165d9e1335330cfacc0ff3c175ed21dfe17c7421b3b1bae6348a6a

    • SHA512

      fc04a75b47d0780212971e7a1db91df5f4d98ed796379bea053fb2c2578b3de42a6da561ce1579479f6f5088a06ff32d6945ac5fe112a5ca236f5453c60e54e1

    • SSDEEP

      393216:S0tsUElbLI3r6B6Xlek/Kez3sFumIYUDfLFokwsWtjGHx:SEIHIjlek/KY4bIYU7/wsfx

    Score
    10/10

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      opengl32.dll

    • Size

      546KB

    • MD5

      9795ea8a41f5017adf924489d8c4e43c

    • SHA1

      1d830d37d23833c264b60841a506d18a61dbba44

    • SHA256

      c12b92c7069755538b3a0383ef8f296c0313470190b73385008abf519e0ce8f6

    • SHA512

      dd885a4ddf777d09c4449cb11a73ebddfde49d33fbaf8274eb9cc426fcf82ee1a0fb174b86c9925b14c2fd494690441e3dde76c84a9d2652881c267217bc33a3

    • SSDEEP

      24:mHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHw:n

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks