General

  • Target

    Launcher6.exe

  • Size

    522KB

  • Sample

    240404-t671zacf81

  • MD5

    019fbd8634db0f2b0ed63311956a72cf

  • SHA1

    54af4f9d712ac5131d07fd29523a21fe970d93ab

  • SHA256

    6265ca0426b503618b3b48a5a423cb3d4798ab1208e8716aab8d5cee2cab9196

  • SHA512

    15be568f5f01caf9a0c12c43e32f1104397652619d306cd82ae28326bfe391664c98fd5c48e624736ab38c33c27d92b1678849acd7877b3555336b48a4383e1e

  • SSDEEP

    6144:TXmSsdKbgJvF/zdzImDFtJnyf5BtY8NIFPQc0GLNaLXXFxL7SJ7Hr75zPgsCy0/X:NYKgR/FOftuSGwF57G9P6yvIYl9b2

Targets

    • Detect ZGRat V1

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext
