General
-
Target
35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297
-
Size
934KB
-
Sample
240418-tgjxvahc39
-
MD5
7def16e0ceea0ad69d53e0e636541dd9
-
SHA1
92080bb5ad272cf69f69aa0588856cda4b4b1c28
-
SHA256
35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297
-
SHA512
9616fb69ed3fd6d59ae060a671c5af86f0d7e1a4e6f8436a9c7244928a2bb1f0a76ec4f1968f77180141493c16a4e1090faf8786ead929c3bd3812f2e09e596a
-
SSDEEP
24576:gbVB9BI+CacE07NGWx1G0MEL2XH09GIGiSUS00dpf:qVrIacF7dnMBXU9GIzSUlypf
Malware Config
Targets
-
-
Target
35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297
-
Size
934KB
-
MD5
7def16e0ceea0ad69d53e0e636541dd9
-
SHA1
92080bb5ad272cf69f69aa0588856cda4b4b1c28
-
SHA256
35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297
-
SHA512
9616fb69ed3fd6d59ae060a671c5af86f0d7e1a4e6f8436a9c7244928a2bb1f0a76ec4f1968f77180141493c16a4e1090faf8786ead929c3bd3812f2e09e596a
-
SSDEEP
24576:gbVB9BI+CacE07NGWx1G0MEL2XH09GIGiSUS00dpf:qVrIacF7dnMBXU9GIzSUlypf
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-