General
-
Target
d3dx9_43.dll
-
Size
220.0MB
-
Sample
240407-gr3fqafb42
-
MD5
5e32f5e1cbfb84809d22993d095e4901
-
SHA1
816c6c3c9f7a4ea07027fbf3ced913e0923a4ceb
-
SHA256
3b91bef8c1d647cf36aa666b25cc719303f175fe7eb4d6bd52946a96be447d89
-
SHA512
516de86e08181f8c7d74c7dac4529e1d88b976016ee7f71d9263c97a4a654f2e3b61f4c676f9898676f253457549a4d871d6cddc07f1469a7fb7f911dd412c1c
-
SSDEEP
49152:Z566l2u45ONYFrz31Cv3D29kd6kj2UQiI:Z566l2u45ONYFrkvz29kdJj0
Static task
static1
Behavioral task
behavioral1
Sample
d3dx9_43.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
d3dx9_43.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
d3dx9_43.dll
Resource
win11-20240214-en
Malware Config
Targets
-
-
Target
d3dx9_43.dll
-
Size
220.0MB
-
MD5
5e32f5e1cbfb84809d22993d095e4901
-
SHA1
816c6c3c9f7a4ea07027fbf3ced913e0923a4ceb
-
SHA256
3b91bef8c1d647cf36aa666b25cc719303f175fe7eb4d6bd52946a96be447d89
-
SHA512
516de86e08181f8c7d74c7dac4529e1d88b976016ee7f71d9263c97a4a654f2e3b61f4c676f9898676f253457549a4d871d6cddc07f1469a7fb7f911dd412c1c
-
SSDEEP
49152:Z566l2u45ONYFrz31Cv3D29kd6kj2UQiI:Z566l2u45ONYFrkvz29kdJj0
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds Run key to start application
-
Suspicious use of NtCreateThreadExHideFromDebugger
-