General
Target: MidjourneyAI.zip
Size: 173.5MB
Sample: 240407-gqh1pafa88
MD5: e71663fa39412619bc922ba9cb868408
SHA1: ef340f4350eba1c2110670e9f41af6389745003a
SHA256: 11f59fa34a25b45456caa66b094c4b42e928a74fba02ccb3e6216516737c6294
SHA512: d09de4324c7502e479ca9ee4bd8764aada87246f23e5ec881b0729fc015e397870d327ba1aeab774d97eaf99f48dc27d58f1e2176221c666336de267c7fb7242
SSDEEP: 3145728:lQTkP8SJPSc27/qg144azcxD9Auw09zR2VBpLJbdXYKeDcF91TU:OTg5Sc2sz4D8a0DpLddX3HTU

Static task
static1

Behavioral task: behavioral1
Sample: MidjourneyAI-Setup.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: MidjourneyAI-Setup.exe
Resource: win10v2004-20240319-en

Behavioral task: behavioral3
Sample: MidjourneyAI-Setup.exe
Resource: win11-20240214-en

Behavioral task: behavioral4
Sample: d3dx9_43.dll
Resource: win7-20240215-en

Behavioral task: behavioral5
Sample: d3dx9_43.dll
Resource: win10v2004-20240226-en

Behavioral task: behavioral6
Sample: d3dx9_43.dll
Resource: win11-20240221-en

Malware Config

Targets

Target: MidjourneyAI-Setup.exe
Size: 113KB
MD5: e354a416c9929fc647f08765ac15478a
SHA1: 91cd09e43c52aad7d39f3b1ff9f79387a03c2d90
SHA256: a8a09d4e1ddbe4de188100b285a53b53b10677e4fbc93014e07211cdaf532e7b
SHA512: 3df99c87a063467563d976ab158da704ed63a1f4bb6d0e470b5597b5bdf56c573d46bc92d04d64cdf2dc004e7c421dec9fc9c91be2dd90e2408afa3bfbc6494b
SSDEEP: 1536:54OQUJJsxmzBalcFg93Kh2+g/KbkDVUM8r9cKHvZs8jcdEcgVu95Vc/wsrP3/pB:iUkWBEcSFKh+DinzEEcgVubVc/wsbvf
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Adds Run key to start application
- Suspicious use of NtCreateThreadExHideFromDebugger

Target: d3dx9_43.dll
Size: 220.0MB
MD5: 5e32f5e1cbfb84809d22993d095e4901
SHA1: 816c6c3c9f7a4ea07027fbf3ced913e0923a4ceb
SHA256: 3b91bef8c1d647cf36aa666b25cc719303f175fe7eb4d6bd52946a96be447d89
SHA512: 516de86e08181f8c7d74c7dac4529e1d88b976016ee7f71d9263c97a4a654f2e3b61f4c676f9898676f253457549a4d871d6cddc07f1469a7fb7f911dd412c1c
SSDEEP: 49152:Z566l2u45ONYFrz31Cv3D29kd6kj2UQiI:Z566l2u45ONYFrkvz29kdJj0
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Adds Run key to start application
- Suspicious use of NtCreateThreadExHideFromDebugger