General

  • Target

    db59438947614e0f9ec3112da4c95f3baa6cf5eaf634f1330c692a84dcd76def

  • Size

    530KB

  • Sample

    240417-sbgd4adb73

  • MD5

    5c7ac69bd9ee24e537da8be8c9067140

  • SHA1

    0a61b12c1506f8dccda6978faf547db5f13fb2b3

  • SHA256

    db59438947614e0f9ec3112da4c95f3baa6cf5eaf634f1330c692a84dcd76def

  • SHA512

    e933a17385a8bceee539206779ce29087479fbf7493112da1e7d32202f4f07c8077560c7fc4c883e3bd91de704b2cc8fb79643159cbdfc5619bc01cf947e5e4c

  • SSDEEP

    12288:qCZ7a0QdqrHPeUv5IPsI/T5qIuXP5FE55C5DZC8rLx3myZ:qPh0HZ5U5qfhauZCqx3ma

Score
10/10

Targets

    • Target

      d6b34e4d6ae059a7d26daa9d1aef34f505a0015560afaa87f6c47721ad020699.exe

    • Size

      578KB

    • MD5

      6123480eed61c4ca3bd561ed47209642

    • SHA1

      b42522ffa84aed388238c0983e0a49be454c8427

    • SHA256

      d6b34e4d6ae059a7d26daa9d1aef34f505a0015560afaa87f6c47721ad020699

    • SHA512

      e5a345662f4361501906da111c50d75a63c67abc76a7fb925fcd7a1bd0505c7fcee983766821fb4f573a88dcf3f0522adad230b230eb5911a94ff17a3234ef8f

    • SSDEEP

      12288:bfKmKtBU5V7u/gQjp1RfN7P6CS7snb3wFiNuHAB:bfKmEBU5V7ZQjn7SL7sn3B

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext
