General

  • Target

    open.exe

  • Size

    353KB

  • Sample

    240405-nzkzzaba7w

  • MD5

    fe36f2fda53c21f8f7e06629cdcc377b

  • SHA1

    3988d1e0628299d29ef39bbb7f24ee347933ab9b

  • SHA256

    4fb58687a364c3f6d6f7e0ca03654f9dec0f8832a499d61d40b0d424db1b1b14

  • SHA512

    fa56f2dcd9fb050718389458f892a8ba2efddb81d3b72e18221333cae245e2a475a52dbc58d6ab51e0e508a31922de60f42dbd2405c7f1e0d634e46fb6261689

  • SSDEEP

    6144:IM4ypBt/6bC6p/8jJkJaVnQUKRnazBrRYJs3mb2stMK39V8s98ix2p:IM1t/6+6pWG8aRna9RYSQTXtV8s98E2

Score
10/10

Targets

    • Target

      open.exe

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess
