General
Target: 240405-yfghjscf76_pw_infected.zip
Size: 6.4MB
Sample: 240406-hphh7sda3v
MD5: f21320028907f4f3869f689eb196cdeb
SHA1: b77e8ebe8092c45a80fa0556e83f50b71c9ed27e
SHA256: fb154cc4e5c6f285b9bc6da1fee8880c46effc03dd9cea2542ea6c899b918476
SHA512: b289a305c65e77f5f1a11d31bd85af5e73b7687df5555437db7996eb6daf088856d9846ae6bbcf2ab0adf16bf3a06240f341f05e77e8c6cae790efd5511c9e5a
SSDEEP: 98304:qLZla3/dS8ZsSWjGrwcDqwQUxTark408ACfhEyxXccU/JZ9Szn6X6bXN:CZliw8uJ8hdan0Q+y49Szn6MXN
Behavioral task: behavioral1
Sample: Black Myth Wukong 64-bit.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral2
Sample: Black Myth Wukong 64-bit.exe
Resource: win11-20240221-en
Malware Config
Targets
Target: Black Myth Wukong 64-bit.bin
Size: 6.6MB
MD5: be9c01d1b46fd869e93187e1b65eb820
SHA1: fe8f3b6e69af45663a8fd908a915d772aa388f83
SHA256: 38ba384cdb7c9cfc9c6ab60138b1b62dc465fb60e5abab17500249b39827f124
SHA512: 9489f74f0259b603fc3110a55ddddf1a0ccfb97dabec685ebf557d0a5dacc1ae00fb9a374c763327794760e7fba4323f0f4ef319cf1af94a4b5acf2042270308
SSDEEP: 196608:phZXfdfhMWOHXGjAcMIaITlkruDOT6icm+OAAkjKW8p:X+L3bjImruaT6iBm
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Loads dropped DLL