General
-
Target
redist.zip
-
Size
574KB
-
Sample
240405-tdv6psgf97
-
MD5
bf6d6fe6da85f88730037e7a3a965361
-
SHA1
77593c729996993f582ccc8aa43130b428b217ba
-
SHA256
50def44bbe9a1293f746fa21dd944ba29389026018d9463aa30d143736266a2b
-
SHA512
42fed845065f7017d1ec24418c80d72d78b9fbc9b4fc127858dbfd0992d8a65e718f241b16ef2e8c9a75e1f8641928bab6a04b98fbca65a28c3cffb0b5ee313d
-
SSDEEP
12288:Za2BiFBOUnPigym45HU5tND8h2j4HqvZXTspNyNW7Gu:lBiJnagz4dUv/jPmp0Tu
Static task
static1
Behavioral tasks
Task          Sample            Resource
behavioral1   redist.zip        win7-20240319-en
behavioral2   redist.zip        win10v2004-20240226-en
behavioral3   buildrhadha.exe   win7-20240221-en
behavioral4   buildrhadha.exe   win10v2004-20240319-en
behavioral5   data.bin          win7-20240221-en
behavioral6   data.bin          win10v2004-20240226-en
behavioral7   g2m.dll           win7-20240221-en
behavioral8   g2m.dll           win10v2004-20240226-en
Malware Config
Targets
-
-
Target
redist.zip
Score 1/10
-
-
Target
buildrhadha.exe
-
Size
39KB
-
MD5
f1b14f71252de9ac763dbfbfbfc8c2dc
-
SHA1
dcc2dcb26c1649887f1d5ae557a000b5fe34bb98
-
SHA256
796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5
-
SHA512
636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0
-
SSDEEP
768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh
Score 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
-
-
Target
data.bin
-
Size
385KB
-
MD5
5a7264ad76d39eda0dc5530e9a3679e4
-
SHA1
1efbe655e1ba6c78c43ba3409cf8e8f684abb3b4
-
SHA256
63517dce685f53192dad844d6bfed151f081a7ba2c37ce416117d2d938d07a6c
-
SHA512
5abf227ebaccb71d415252c664ce1ee8581964c75839b032dae65d709a195dfca3e49a92e5e737c313d570f7891d752ba828944abcadce7e1e8942349efe571b
-
SSDEEP
6144:LvwGlkQbUt657/HdVfsEb3nkg88bCQUYs08m78m+51RUsWTNCsF8ncMu+Ur0:LIZiLvUM/7qmgm+57UFTN18n4r0
Score 3/10
-
-
Target
g2m.dll
-
Size
395KB
-
MD5
eef5e122a610edb4f13115dff624b2b9
-
SHA1
da324be4ee4c1573fbaedd83307ee888335d9661
-
SHA256
dd9c9d63a5f4798d3d30ddc7d0eb569c4406b2db7224b936c0721b78b7436940
-
SHA512
7f2318d222ac172b5aadecb09e19ff121a2648742c4e23fee91a9551a2f50014886fcb9f67f228e43fadd36fe80e71b9e6bd443b6d696533f872a2fb99862556
-
SSDEEP
6144:zT1N9+2qMgtcYrnWtkbGoWkYnxDrWJgVdfjJBPLbvrPtj2Ik/0:zxqzt+kYtHVRjJBb6/0
Score 3/10