General

  • Target

    V1.4.zip

  • Size

    28.7MB

  • Sample

    240406-n4zzpaad66

  • MD5

    52432ddbbab7aa80052e38cc4fea7659

  • SHA1

    58acd1a398abcdafecd605e76f382766fb4a2083

  • SHA256

    8aa8092a28d4f4b80597aeb4c2292cd2ab1146470a71057b4a69c09102ebf5a4

  • SHA512

    38d3f9e3292b1b3a2d97450d7dc1d3de411919b315a12675986e5ba493588179939d93f217931e9024116fa529e1d3fd0d534959ce08cad852b14636ea50808b

  • SSDEEP

    786432:9lnpK5459dOdLbsE02FogbV3TE9CcUngEbxfxWBshGsW:9lpK2YoE0wbw6gEvWBsdW

Malware Config

Targets

    • Target

      ProjectGitHub/Loader.exe

    • Size

      48.8MB

    • MD5

      4f0fb7aa39a226dbeed9ba3721f72179

    • SHA1

      991ebb1dfc48526c7b4108948ff43ffd867ad048

    • SHA256

      5c4cf05f2660a5565139a4452b34ce466b4d070aac346cf47a7172edf26758df

    • SHA512

      87e84d9f8ea54860b8bc52b36426fb6aaf53fa815e2d8cbb7de0c2525cdf9a705704246df9e4dbc54582248a0d3d06b196bbd3caeb1bb02a3a424d1522477fac

    • SSDEEP

      196608:WtpDyJA+X0IxRIDgTdG2i4RooYa/yC092ezPFMspZo09xAJfMHDqRcz:0pDyJAEIDgTE4BYaaT92Kasx9Ak

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    • Target

      ProjectGitHub/bin/UbuilderB.dll

    • Size

      3.6MB

    • MD5

      f474baf2f922f8485752170cc261a72b

    • SHA1

      7e447654e04a91a578a22da5f95d0827e543740e

    • SHA256

      2f9a39635d6a379577b073945477609c3ab3656c4adc54a0d7cce23c4432c04f

    • SHA512

      5bf9f3ddf527ebe14c610be6e6d525917f8fd7cbc697d1d308044a06ee7587977737c88d8ffc83508d1e8714efb761c05d38ef16037bd63862c419174c3cdd33

    • SSDEEP

      98304:D3yMS4vp4iKTBrHJWGs2NyqeoNE/7SRYY6:Dp4iKTVHJack+s

    Score
    7/10
    • Target

      ProjectGitHub/bin/UbuilderS.dll

    • Size

      3.6MB

    • MD5

      8627fd537e892afae534c5e07f50b2c3

    • SHA1

      8b90cc232744e7f0a1d27f5b4ec4f6d0d966ed9a

    • SHA256

      09f156b3d7d51dad5a9ddd04f9685882a2d479e56deda6eaa0e58ecb19c19228

    • SHA512

      1af58aeda603230a0091c5d871ac88773f2b57a835c42c36ebb79e2cc39c7c0edf795bf039bb0eface4303b2b9fb5c3878d8a5364e7d3b73daa26fc392c1da70

    • SSDEEP

      49152:LC/+vwyHnNfERTPokBMyHJWGs8FaRMqu3XCqRq8stcpVk4JobxJ17IxRYbwPmmkO:szyHnN+TBrHJWGs2NyqeoNE/7SRYYCO

    Score
    7/10

MITRE ATT&CK Enterprise v15

Tasks