General

  • Target: file2 (1).zip
  • Size: 571KB
  • Sample: 240406-sfpw2ade53
  • MD5: bff0400a847e1e782a53b97191094898
  • SHA1: 1402363cc9dc5fff14f22bb852fc200e5e97a0e9
  • SHA256: 880e73ea06db952d80f94c416b0fb7bc681e275017a56a99158f432cb99689a7
  • SHA512: aa37476d8cdf8dfa33e459e4518833ddc58791002dcec245cc63172ef3d7283ee9442aeda8b7504568abe3330bb2c1c7c2b3f8efe304322fce071ecfb4483b96
  • SSDEEP: 12288:uzfMwRyflNfHx8lNrrHjybloSLhXlhx7WQChBMHTedFv/N2gA47:ujMwRyXHqlNrLubnFVhGaHqLsg5

Score: 10/10

Malware Config

Targets

    • Target: testrha.exe
    • Size: 39KB
    • MD5: f1b14f71252de9ac763dbfbfbfc8c2dc
    • SHA1: dcc2dcb26c1649887f1d5ae557a000b5fe34bb98
    • SHA256: 796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5
    • SHA512: 636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0
    • SSDEEP: 768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh

    Score: 10/10

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

MITRE ATT&CK Matrix

Tasks