General

  • Target

    tmp

  • Size

    444KB

  • Sample

    240405-ev8e2abh61

  • MD5

    a067c2e81ba8dfd1561aa823fd3239b3

  • SHA1

    08263f5e2a206bceeb91ed7ec071e1a96794e442

  • SHA256

    9d380a3292854ec2522aeef19e219ca54317569a7ef9bf0cf2d48c39d58af05c

  • SHA512

    f6808ff48d8d9a15344968e320e112ec784bccacac5282b48da287ce89363b79bd6151880cd4b46605401e434039618b5dd1bb42289adde906289295a1ed11c2

  • SSDEEP

    12288:Dr8pdFOvnlmRxBXjhfDnf0HfO6Ix02mPc+Trr:DrpnlmRxBXNfDf50lZj

Score
10/10

Targets

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext
