General

  • Target

    240405-yfghjscf76_pw_infected.zip

  • Size

    6.4MB

  • Sample

    240406-hphh7sda3v

  • MD5

    f21320028907f4f3869f689eb196cdeb

  • SHA1

    b77e8ebe8092c45a80fa0556e83f50b71c9ed27e

  • SHA256

    fb154cc4e5c6f285b9bc6da1fee8880c46effc03dd9cea2542ea6c899b918476

  • SHA512

    b289a305c65e77f5f1a11d31bd85af5e73b7687df5555437db7996eb6daf088856d9846ae6bbcf2ab0adf16bf3a06240f341f05e77e8c6cae790efd5511c9e5a

  • SSDEEP

    98304:qLZla3/dS8ZsSWjGrwcDqwQUxTark408ACfhEyxXccU/JZ9Szn6X6bXN:CZliw8uJ8hdan0Q+y49Szn6MXN

Malware Config

Targets

    • Target

      Black Myth Wukong 64-bit.bin

    • Size

      6.6MB

    • MD5

      be9c01d1b46fd869e93187e1b65eb820

    • SHA1

      fe8f3b6e69af45663a8fd908a915d772aa388f83

    • SHA256

      38ba384cdb7c9cfc9c6ab60138b1b62dc465fb60e5abab17500249b39827f124

    • SHA512

      9489f74f0259b603fc3110a55ddddf1a0ccfb97dabec685ebf557d0a5dacc1ae00fb9a374c763327794760e7fba4323f0f4ef319cf1af94a4b5acf2042270308

    • SSDEEP

      196608:phZXfdfhMWOHXGjAcMIaITlkruDOT6icm+OAAkjKW8p:X+L3bjImruaT6iBm

    • Score

      10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Loads dropped DLL

MITRE ATT&CK Matrix

Tasks