General

  • Target

    e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18_JaffaCakes118

  • Size

    448KB

  • Sample

    240407-jn7mdagg52

  • MD5

    bc7963a7d0a8b745e704d22bbc2c3e03

  • SHA1

    50b366ee7b303c1e4a70b87876151605b20869a3

  • SHA256

    e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18

  • SHA512

    fddc790073b2573a50322cfe0fcc1e58f41defbab181a26f1ecd640579767ef58b5d117de943ab1016d1cd0e36e7a93094c64149f8e8308ed0fc218780cd7e07

  • SSDEEP

    6144:nC5hyUR+MhyfUj6qfovXYfIrvQ/zabJzYbLkBWBXpMcwLbjJgSqtUg83T36XE24r:v+BovmID/mQmpMcmSSIU16XE2e5L

Score
10/10

Targets

    • Target

      e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18_JaffaCakes118

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Deletes itself
