General

  • Target

    decbd662ecab295cb2c060232a6de8218843d671b7cb628aaf769ba4bcdf126f.lnk

  • Size

    9KB

  • Sample

    240406-b5cjkagg5s

  • MD5

    a344b567076691b5cd838512c99bc884

  • SHA1

    0de4ad8f9f127c0c444bb7db4459d0977b1f6506

  • SHA256

    decbd662ecab295cb2c060232a6de8218843d671b7cb628aaf769ba4bcdf126f

  • SHA512

    ad6d3fed7647c933c9a23938f7c39a8799d5845cd6a9e1fec6d0a2044c740795d428e89467c4e5b1f8217217f272863438b68e160da312d6ae8498af9688dd98

  • SSDEEP

    192:8z5phm3MSBfQbxE4l2g9FWV4FBno2dzSkbP43O5yrf68g493f61hVNeXkI:u5fcMS5Qb6EouFB3dzBbw3Omf68Zp9XV

Score
10/10
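The only artifact the report names is a 9 KB .lnk, and the first thing a practitioner wants from a malicious shortcut is what it launches. The parser below is an added example, not code from the report or the sandbox: it walks the MS-SHLLINK ShellLinkHeader, skips the optional LinkTargetIDList and LinkInfo structures, and pulls out the StringData fields (name, relative path, working directory, command-line arguments, icon location) for any .lnk, not only this sample. Because the report carries no file contents, a minimal link is constructed inline to exercise it; the target path, working directory and command line in that sample are invented, as is the small indicator check at the end.

```python
"""Parse the ShellLinkHeader and StringData of a Windows .lnk (MS-SHLLINK).

Added example, not part of the sandbox report. The field layout and LinkFlags
bits follow the MS-SHLLINK specification; the sample link built at the bottom
is constructed for the example and its target/arguments are invented.
"""
import struct
import uuid

HEADER_SIZE = 0x4C
LNK_CLSID = uuid.UUID("00021401-0000-0000-c000-000000000046").bytes_le

# LinkFlags (MS-SHLLINK 2.1.1): which optional structures follow the header,
# and whether StringData is UTF-16LE (IsUnicode) or ANSI.
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData entries appear in this fixed order, each only if its flag is set.
STRING_DATA = [
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
]

SW_SHOWMINNOACTIVE = 7  # ShowCommand value that starts the target minimised

# Interpreters whose presence in a link target is the usual sign of a malicious .lnk.
LOLBINS = ("cmd.exe", "powershell", "mshta", "wscript", "cscript",
           "rundll32", "regsvr32", "conhost.exe", "forfiles")


def _read_string(data: bytes, pos: int, unicode: bool):
    """One StringData entry: u16 CountCharacters, then that many chars, no terminator."""
    (count,) = struct.unpack_from("<H", data, pos)
    pos += 2
    n = 2 * count if unicode else count
    if pos + n > len(data):
        raise ValueError("StringData runs past end of file")
    chunk = data[pos:pos + n]
    text = chunk.decode("utf-16-le") if unicode else chunk.decode("cp1252", errors="replace")
    return text, pos + n


def parse_lnk(data: bytes) -> dict:
    """Return LinkFlags, ShowCommand and the StringData strings of a .lnk, or raise ValueError."""
    if len(data) < HEADER_SIZE:
        raise ValueError("too short for a ShellLinkHeader")
    header_size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if header_size != HEADER_SIZE or clsid != LNK_CLSID:
        raise ValueError("not a Shell Link: bad HeaderSize or LinkCLSID")
    (show_command,) = struct.unpack_from("<I", data, 0x3C)
    pos = HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:        # u16 IDListSize followed by IDList bytes
        (size,) = struct.unpack_from("<H", data, pos)
        pos += 2 + size
    if flags & HAS_LINK_INFO:                  # u32 LinkInfoSize counts the whole structure
        (size,) = struct.unpack_from("<I", data, pos)
        pos += size
    info = {"flags": flags, "show_command": show_command}
    for bit, key in STRING_DATA:
        if flags & bit:
            info[key], pos = _read_string(data, pos, bool(flags & IS_UNICODE))
    return info


def suspicious_indicators(info: dict) -> list:
    """Cheap triage: does the link run an interpreter, hide its window, carry a long command line?"""
    hits = []
    launch = (info.get("relative_path", "") + " " + info.get("arguments", "")).lower()
    if any(b in launch for b in LOLBINS):
        hits.append("target or arguments invoke a script/command interpreter")
    if info["show_command"] == SW_SHOWMINNOACTIVE:
        hits.append("window starts minimised (SW_SHOWMINNOACTIVE)")
    if len(info.get("arguments", "")) > 100:
        hits.append("long command-line arguments")
    return hits


def build_lnk(relative_path: str, arguments: str, working_dir: str = "",
              show_command: int = SW_SHOWMINNOACTIVE) -> bytes:
    """Build a minimal Unicode .lnk carrying only StringData (constructed test input)."""
    flags = IS_UNICODE | HAS_RELATIVE_PATH | HAS_ARGUMENTS | (HAS_WORKING_DIR if working_dir else 0)
    header = struct.pack("<I16sIIQQQIIIHHII", HEADER_SIZE, LNK_CLSID, flags,
                         0x20, 0, 0, 0, 0, 0, show_command, 0, 0, 0, 0)
    strings = [relative_path] + ([working_dir] if working_dir else []) + [arguments]
    body = b"".join(struct.pack("<H", len(s)) + s.encode("utf-16-le") for s in strings)
    return header + body


# Constructed sample in the shape a loader shortcut usually takes; not the report's file.
SAMPLE_LNK = build_lnk(r"..\..\Windows\System32\cmd.exe",
                       '/c powershell -w hidden -nop -c "<invented stage-2 command>"',
                       r"C:\Users\Public")
```

Run `parse_lnk(open(path, "rb").read())` on a real sample; if it raises on LinkInfo or StringData, the flags and the body disagree, which in a malicious .lnk is itself worth noting. ANSI (non-IsUnicode) links are decoded as cp1252 here, which is an assumption about the system code page.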

Malware Config

Targets

    • Target

      decbd662ecab295cb2c060232a6de8218843d671b7cb628aaf769ba4bcdf126f.lnk

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

      Creates a process under a parent other than the caller (PROC_THREAD_ATTRIBUTE_PARENT_PROCESS), so the child's recorded parent is not the process that actually launched it (parent PID spoofing).

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.
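What each of the three behavioural signatures above actually keys on, re-derived over a constructed trace. This is an added example, not the sandbox's own signature code; the event format, field names, pids, paths and the TEST-NET address are all assumptions of this example. The parent-spoofing check relies on how Microsoft-Windows-Kernel-Process ProcessStart events are logged: the event header carries the pid of the process that called NtCreateUserProcess, while the ParentProcessID field carries whatever parent was handed in through PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, so the two disagree exactly when the parent was spoofed. The geofence check looks for a read of the Nation value (a GeoID, 244 being the United States) under HKCU\Control Panel\International\Geo.

```python
"""Re-derive the report's three behavioural signatures from an event trace.

Added example, not the sandbox's signature code. SAMPLE_TRACE is constructed:
its field names are this example's own, chosen to mirror the Kernel-Process
ProcessStart event (header pid = real creator, parent_pid = claimed parent)
plus one registry read and one outbound connection.
"""

GEO_KEY = r"HKCU\Control Panel\International\Geo"
GEO_VALUE = "Nation"  # GeoID of the configured country, e.g. 244 = United States

# Interpreters that have no business opening network connections on their own.
NETWORK_BLOCKLIST = ("powershell.exe", "cmd.exe", "mshta.exe", "wscript.exe",
                     "cscript.exe", "rundll32.exe", "regsvr32.exe")

# Constructed trace; every pid, path and address is invented.
SAMPLE_TRACE = [
    {"event": "ProcessStart", "header_pid": 4412, "pid": 5120, "parent_pid": 4412,
     "image": r"C:\Windows\System32\cmd.exe"},
    # cmd.exe (5120) starts powershell but names pid 884 as the parent: spoofed.
    {"event": "ProcessStart", "header_pid": 5120, "pid": 5300, "parent_pid": 884,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"event": "RegQueryValue", "pid": 5300, "key": GEO_KEY, "value": GEO_VALUE, "data": "244"},
    {"event": "NetConnect", "pid": 5300, "dst": "203.0.113.7:443"},
]


def process_images(trace):
    """pid -> image path, from the ProcessStart events in the trace."""
    return {ev["pid"]: ev["image"] for ev in trace if ev["event"] == "ProcessStart"}


def ppid_spoofing(trace):
    """(child, claimed parent, real creator) for each start whose parent is not its creator."""
    return [(ev["pid"], ev["parent_pid"], ev["header_pid"])
            for ev in trace
            if ev["event"] == "ProcessStart" and ev["parent_pid"] != ev["header_pid"]]


def geofence_lookups(trace):
    """(pid, GeoID) for each read of the configured-country value."""
    return [(ev["pid"], ev["data"]) for ev in trace
            if ev["event"] == "RegQueryValue"
            and ev["key"].lower() == GEO_KEY.lower()
            and ev["value"].lower() == GEO_VALUE.lower()]


def blocklisted_network(trace):
    """(pid, image, destination) for connections made by a blocklisted interpreter."""
    images = process_images(trace)
    hits = []
    for ev in trace:
        if ev["event"] != "NetConnect":
            continue
        image = images.get(ev["pid"], "")
        if image.lower().rsplit("\\", 1)[-1] in NETWORK_BLOCKLIST:
            hits.append((ev["pid"], image, ev["dst"]))
    return hits


def triage(trace):
    """Signature names, in the order the report lists them, that fire on this trace."""
    sigs = []
    if ppid_spoofing(trace):
        sigs.append("Suspicious use of NtCreateUserProcessOtherParentProcess")
    if blocklisted_network(trace):
        sigs.append("Blocklisted process makes network request")
    if geofence_lookups(trace):
        sigs.append("Checks computer location settings")
    return sigs
```

The parent-spoofing rule is the one worth carrying into production telemetry: a process tree built only from the claimed ParentProcessID will show powershell.exe under pid 884, while the creator pid in the event header still points back at cmd.exe.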

MITRE ATT&CK Enterprise v15

Tasks