General
-
Target
S500_RAT.rar.html
-
Size
18KB
-
Sample
240418-d7bq6ahh86
-
MD5
2c9ddc7917fc3b8c6580db5bf1df83fc
-
SHA1
7cb8378ddac614e5e3927289d296291e2a9a05e5
-
SHA256
308190913649aaf08933e4841d510bfd45ca321548c47d69b9f77cb1f6d3d2d4
-
SHA512
4e0ac6b587f7fc4ebec97ae9bbb2dddd67b63d8125a8b1f8dd3e42980ea83a52ab881d53a67add88f568df7c2aa3ce1be778a57202fbd678f9eda152ddefa999
-
SSDEEP
384:OoJylIn7xpYwuu504YUeHYUDRzhU3E8+UUKIz40qo8CTK3Mc:OoJCIn7XY20tjDRzh4E8+UUKIz40qo8n
Static task
static1
Behavioral task
behavioral1
Sample
S500_RAT.rar.html
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
S500_RAT.rar.html
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
S500_RAT.rar.html
-
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-