rhadamanthys | 6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8 | Triage

Submit
Reports

Overview

overview

Static

static

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8
Size

777KB
Sample

240423-vvc7wsab96
MD5

f20953273a29f211ad2fbd1db9961349
SHA1

e6ed3e4123dc0d727ea759f9560eab6971f1fcc0
SHA256

6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8
SHA512

a5c9e0e4711d869fea9589ac7df843c1a66e93250997c1e009ebaa4afe219edf48a340f9435ff233b92e3a1d810713b901de3bc41b7f8f77d454ade549e048f7
SSDEEP

12288:dEUWVser3NvH4qsanwmgW7gPLKp/31lOXwAH5eawCZyNRpJeSzEZFf9J/hw8:dJmBDZHfPgGgzKtjUZeaL2feHbjh

Score

10^/10

rhadamanthys zgrat rat stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8.exe

Resource

win10v2004-20240412-en

rhadamanthys zgrat rat stealer

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8.exe

Resource

win11-20240412-en

rhadamanthys zgrat rat stealer

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8
- Size
  
  777KB
- MD5
  
  f20953273a29f211ad2fbd1db9961349
- SHA1
  
  e6ed3e4123dc0d727ea759f9560eab6971f1fcc0
- SHA256
  
  6d38ecc7c7421b3294ece31e257138dba7c1e933d5d4aecac68acd1b0395f7f8
- SHA512
  
  a5c9e0e4711d869fea9589ac7df843c1a66e93250997c1e009ebaa4afe219edf48a340f9435ff233b92e3a1d810713b901de3bc41b7f8f77d454ade549e048f7
- SSDEEP
  
  12288:dEUWVser3NvH4qsanwmgW7gPLKp/31lOXwAH5eawCZyNRpJeSzEZFf9J/hw8:dJmBDZHfPgGgzKtjUZeaL2feHbjh
Score

10^/10

rhadamanthys zgrat rat stealer
- Detect ZGRat V1
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- ZGRat
  ZGRat is remote access trojan written in C#.
  rat zgrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

rhadamanthyszgratratstealer

behavioral2

rhadamanthyszgratratstealer

© 2018-2024

Terms | Privacy