General
-
Target
BloxFlipPredictor.rar
-
Size
9.9MB
-
Sample
240421-a2skyaed26
-
MD5
3ca322ae6e2427b6ec5d29fc24ae87b6
-
SHA1
66dcbd5050095378bc079e9ce5964ebf5d33371d
-
SHA256
256a3dd27e87579fde86b0fb83f3952d6bd62a526056b52f2f7ffc3623bbedd7
-
SHA512
1ac48569e5258ed03509ac43eb544289f94971f8ded07d5b0d973fd482a8c25b33dd8d53e98786860618aeca01270b968f3f8cbf15e6bbc059abc2d1dbd61fb2
-
SSDEEP
196608:EQgg15pM+bCAO4dUstVrJBTALX40+Sk6qECDvd1I2RYVxshYB82ED3aIjroV:lgb6bVVrJBK5JAPI8YVShDdDK8oV
Static task
static1
Behavioral task
behavioral1
Sample
BloxFlipPredictor.rar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
BloxFlipPredictor.rar
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
BloxFlipPredictor.rar
-
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-