General
Target: 634197365295ceae7104357b3f573487.bin
Size: 15KB
Sample: 240407-brszdshe92
MD5: b59e3e93d617c35f99413807237bbb4f
SHA1: 1762adf2c6bfdca4001b3115cc54bc711b2bc0ea
SHA256: d7b616057f0338ca641205055c3902f032194816bac81bf4cdccdb77c34e0bd0
SHA512: 1240a9c25b15d221b9bfac68fd45d43e32de0a4a1a602f244aaaa345352ab50d4225adc86c2709b1c0c530365c8656a88b712ddffe766fbe762e876e7dcf5caa
SSDEEP: 384:Je4Aj+zoBNgVJ6W9DjMkMpyerknBmVNtLsM9/2gzgRdSy:JbAMSmMkMserknBmVTs2VzgnSy
Static task: static1
Behavioral task: behavioral1
Sample: 6d54dda9e14d5c38bea8f1b336e9e0eaa856c5d876b64d5e01d325dfcd066762.lnk
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6d54dda9e14d5c38bea8f1b336e9e0eaa856c5d876b64d5e01d325dfcd066762.lnk
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 6d54dda9e14d5c38bea8f1b336e9e0eaa856c5d876b64d5e01d325dfcd066762.lnk
Size: 15KB
MD5: 634197365295ceae7104357b3f573487
SHA1: 86bbbc78b677f083a29d4586b940ec8b8569181a
SHA256: 6d54dda9e14d5c38bea8f1b336e9e0eaa856c5d876b64d5e01d325dfcd066762
SHA512: 9f4d4d57f5735396dbd744936fd15aa4a8611dde1ded2346d04db4779a80f060f14869772a80611a71c677018eb2875bfef7851d7ed42ad3d18a7398509961c0
SSDEEP: 384:u53cVMS5zx83Rpzta94tkfmNOJpyb8mgECY3A2IRRDVk8aR:XVMS9ml89+ZNOJp4+xnfRRDu8e
Score: 10/10
- Rhadamanthys: Rhadamanthys is an info stealer written in C++ first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Blocklisted process makes network request
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
-