Overview

overview

10

Static

static

3

Launcher.exe

windows7-x64

10

Launcher.exe

windows10-2004-x64

10

cheto.dll

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CHETO.rar

  • Size

    7.9MB

  • Sample

    240420-exrkashb2v

  • MD5

    58f498eee516d17b941974fc562a944b

  • SHA1

    6a331d392fc49fd4f74723cf43a3e9daae85a90f

  • SHA256

    2929dfc5653c7ebef29b88d8ddf25c77edc9052c8045e6272464fb29c7018457

  • SHA512

    ba03307bf05cbb54e4c3f6ce37096cab91888ba38a8ab57d864c55d4268d1fe601390a76f9965297ffa2d94ac23a6485138b5f8a404add62ceb7b11f2cf509a7

  • SSDEEP

    196608:xPpiW8nHcRg6HPWAhgflQGB5/+BAh7VAjqIJVt:hpitnHcRiAhGXP+BABoJj

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      Launcher.exe

    • Size

      355KB

    • MD5

      c1e0eb74024ad09c5f3750e58de67199

    • SHA1

      61b531ad13a86c7580d2a4de36589b3deeb7be3b

    • SHA256

      593c5558cb8b7ee23720b06604ddf701b9239976fe02eaa3652bbcdf5d2ea346

    • SHA512

      5d74eba5ed7e1452555faae90d8ee449890d9baf26fc67b7d12fbafeebc0f06c233646aaad56f266958d8654eadb471817e7d789db5433ec8481c5b85dffbcdd

    • SSDEEP

      6144:g2qezd2ab1/RuHk+M3k8M3W7XomjOJCqshrOlumY6DMIewgxQfqLsb:gf2R/EEkCQFYDwRqQ

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

    • Target

      cheto.dll

    • Size

      20.8MB

    • MD5

      ab2cc84a98d05ab8b540a9ad3a48ab15

    • SHA1

      d59736cefc5bb2d6fc429a5027bbb5b69039b555

    • SHA256

      3e41929571bd1307e71bc851dfe7a37c8657bb16a8387217e09660c46e8b57b3

    • SHA512

      84bc192b9232dbc427c2fb7d98727960f6f57fe769e097cfe8581feb778b54df8a6aaa8faac5cc060a2c137e10208e47a5529551aacde345a8fb2152796ebc47

    • SSDEEP

      393216:AUWnI3LyrngF82KMV+mQvB0WK0j6DWu016PN:srnFj6DWuo6l

    Score
    1/10
    behavioral3

    • Target

      d3dcompiler_47.dll

    • Size

      4.7MB

    • MD5

      2191e768cc2e19009dad20dc999135a3

    • SHA1

      f49a46ba0e954e657aaed1c9019a53d194272b6a

    • SHA256

      7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d

    • SHA512

      5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970

    • SSDEEP

      49152:KCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNc:xG2QCwmHPnog/pzHAo/A6l

    Score
    1/10
    behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks