Overview

overview

10

Static

static

10

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c829be0e78641329583de11672027a67cb3fc2ba31059e258a87001953b8f4ac

  • Size

    774KB

  • Sample

    240419-3vrdhsbf2t

  • MD5

    b68ced78e1348de3af3fb2052aa4f1a1

  • SHA1

    c974c8857a1aecba0347280c3f6eff561a2f3fb5

  • SHA256

    c829be0e78641329583de11672027a67cb3fc2ba31059e258a87001953b8f4ac

  • SHA512

    da54d1e31d0dc20730dff2eca07ea8517812986bb337335078f189b3008f49360c09c0b38006827984023a79256c7f0eedc334fcadfb26c05dcb962c28e8f479

  • SSDEEP

    12288:rypQrulqgXsBry3Bd/7f9b7ekLKOXlpGtaKksX5VjofTYj2LMVUxa7dSItGx:xrGbcByj7fBektXlpGLJJ+C2wu0xtGx

Score
10/10
rhadamanthyszgratratstealer

Malware Config

Targets

    • Target

      c829be0e78641329583de11672027a67cb3fc2ba31059e258a87001953b8f4ac

    • Size

      774KB

    • MD5

      b68ced78e1348de3af3fb2052aa4f1a1

    • SHA1

      c974c8857a1aecba0347280c3f6eff561a2f3fb5

    • SHA256

      c829be0e78641329583de11672027a67cb3fc2ba31059e258a87001953b8f4ac

    • SHA512

      da54d1e31d0dc20730dff2eca07ea8517812986bb337335078f189b3008f49360c09c0b38006827984023a79256c7f0eedc334fcadfb26c05dcb962c28e8f479

    • SSDEEP

      12288:rypQrulqgXsBry3Bd/7f9b7ekLKOXlpGtaKksX5VjofTYj2LMVUxa7dSItGx:xrGbcByj7fBektXlpGLJJ+C2wu0xtGx

    Score
    10/10
    rhadamanthyszgratratstealer

    • Detect ZGRat V1

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • ZGRat

      ZGRat is remote access trojan written in C#.

      ratzgrat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks