General
-
Target
FortniteFPS.exe
-
Size
444KB
-
Sample
240404-xk562aga64
-
MD5
ed8f9d380212722ab220453cf5c64524
-
SHA1
e7cf9a672de8766bb9db767f4b3aaf3a7a0f6b10
-
SHA256
fda3dd5344e004dc209fe24b2e383fbef569e11dc14f0d02c2051e8a69c80427
-
SHA512
137a381f40c6db23580350322ddbc2930504dac23b693611ff975efa042fe4ba24587580339c27664eae0ae3c63278dc00e11aa82db6b9acceb0dd806f0c37c8
-
SSDEEP
12288:khpdFOiCa+pp6DkqebgShtFRvKAOjzEcaY6RqTWmHH:kSa+E9SzFRy7jzEcB6UK
Static task
static1
Behavioral task
behavioral1
Sample
FortniteFPS.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
FortniteFPS.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
FortniteFPS.exe
-
Size
444KB
-
MD5
ed8f9d380212722ab220453cf5c64524
-
SHA1
e7cf9a672de8766bb9db767f4b3aaf3a7a0f6b10
-
SHA256
fda3dd5344e004dc209fe24b2e383fbef569e11dc14f0d02c2051e8a69c80427
-
SHA512
137a381f40c6db23580350322ddbc2930504dac23b693611ff975efa042fe4ba24587580339c27664eae0ae3c63278dc00e11aa82db6b9acceb0dd806f0c37c8
-
SSDEEP
12288:khpdFOiCa+pp6DkqebgShtFRvKAOjzEcaY6RqTWmHH:kSa+E9SzFRy7jzEcB6UK
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-