General
-
Target
e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18_JaffaCakes118
-
Size
448KB
-
Sample
240407-jn7mdagg52
-
MD5
bc7963a7d0a8b745e704d22bbc2c3e03
-
SHA1
50b366ee7b303c1e4a70b87876151605b20869a3
-
SHA256
e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18
-
SHA512
fddc790073b2573a50322cfe0fcc1e58f41defbab181a26f1ecd640579767ef58b5d117de943ab1016d1cd0e36e7a93094c64149f8e8308ed0fc218780cd7e07
-
SSDEEP
6144:nC5hyUR+MhyfUj6qfovXYfIrvQ/zabJzYbLkBWBXpMcwLbjJgSqtUg83T36XE24r:v+BovmID/mQmpMcmSSIU16XE2e5L
Static task
static1
Behavioral task
behavioral1
Sample
e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
e46cf506bfb4234c04ff59e043986e5a3b2ff8fa04c316aefdc0d0c0e72a2c18_JaffaCakes118
-
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Deletes itself
-