General

  • Target

    Authenticator_release_x86_64_2.exe

  • Size

    17.2MB

  • Sample

    240424-z3ccsahg82

  • MD5

    26674a4865f364f2e3b7155da5fb4817

  • SHA1

    2a9e1278e560dea0ac691c59b1ca90f29bf4d519

  • SHA256

    baf55c8fc4986b0cd6c270b6c5b7851dbc583b216de752d3cc9d9725c36006e0

  • SHA512

    083ad97e0b9964d26b2c3bbfbb08c2cf27c3b53bd93f67da4308f9921dc07ea0e208e4a194c1609ccab80d4d37444cf0490f59af10616df21c044c345449c2d3

  • SSDEEP

    196608:KePBccl0sKYu/PaQtsI9iL4FMIZETSkjPePdrQJM93BMJg6x9iGvPoMut/X6e0yL:lBccLQtsTQETSkvJQCJGG4MUXx8AKOR/
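To re-check a file against the hash IOCs above before trusting a sample label (or to catch a mangled copy-paste of a digest), here is an added Python example that is not part of the sandbox report. The hash values are the ones listed on this page; the file path and the bytes used in the self-test are assumptions. SSDEEP is left out on purpose because it needs a non-stdlib fuzzy-hashing library.

```python
"""Verify a local file against the hash IOCs listed for this sample.

Added example, not part of the sandbox report. The digests in PAGE_IOCS are
the values printed on this page; everything else (paths, test bytes) is
constructed so the script runs offline.
"""
import hashlib
import re
import sys

# Hash values as listed on the report page for Authenticator_release_x86_64_2.exe.
PAGE_IOCS = {
    "md5": "26674a4865f364f2e3b7155da5fb4817",
    "sha1": "2a9e1278e560dea0ac691c59b1ca90f29bf4d519",
    "sha256": "baf55c8fc4986b0cd6c270b6c5b7851dbc583b216de752d3cc9d9725c36006e0",
    "sha512": "083ad97e0b9964d26b2c3bbfbb08c2cf27c3b53bd93f67da4308f9921dc07ea0e"
              "208e4a194c1609ccab80d4d37444cf0490f59af10616df21c044c345449c2d3",
}

# Expected hex digest lengths. A truncated or mistyped IOC should fail loudly
# instead of silently never matching anything.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
ALGOS = tuple(DIGEST_HEX_LEN)


def validate_iocs(iocs):
    """Return the names of IOC entries that are not well-formed hex digests."""
    bad = []
    for algo, value in iocs.items():
        expected = DIGEST_HEX_LEN.get(algo)
        if expected is None or len(value) != expected \
                or not re.fullmatch(r"[0-9a-fA-F]+", value):
            bad.append(algo)
    return bad


def digest_bytes(data, algos=ALGOS):
    """Hash an in-memory blob with every algorithm at once (one pass over data)."""
    hashers = {a: hashlib.new(a) for a in algos}
    for h in hashers.values():
        h.update(data)
    return {a: h.hexdigest() for a, h in hashers.items()}


def digest_file(path, algos=ALGOS, chunk_size=1 << 20):
    """Hash a file in chunks so a multi-GB sample does not have to fit in RAM."""
    hashers = {a: hashlib.new(a) for a in algos}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def compare(observed, iocs):
    """Per-algorithm match flags for the algorithms present on both sides."""
    return {a: observed[a] == iocs[a].lower() for a in iocs if a in observed}


def verdict(observed, iocs):
    """Collapse per-algorithm results into one answer.

    A partial match (some digests agree, others do not) is flagged separately:
    it almost always means the IOC list itself was copied inconsistently.
    """
    matches = compare(observed, iocs)
    if not matches:
        return "no comparable hashes"
    if all(matches.values()):
        return "match"
    if any(matches.values()):
        return "partial match: IOC list is inconsistent"
    return "no match"


if __name__ == "__main__":
    # Usage: python check_sample.py <path-to-sample>  (path is an assumption)
    target = sys.argv[1] if len(sys.argv) > 1 else "Authenticator_release_x86_64_2.exe"
    bad = validate_iocs(PAGE_IOCS)
    if bad:
        sys.exit(f"malformed IOC entries: {bad}")
    observed = digest_file(target)
    for algo, ok in compare(observed, PAGE_IOCS).items():
        print(f"{algo:7s} {'OK ' if ok else 'DIFF'} {observed[algo]}")
    print("verdict:", verdict(observed, PAGE_IOCS))
```

Run it against the file you actually have on disk; "match" across all four digests is the only result that should be accepted as "this is the sample the report describes".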

Targets

    • Target

      Authenticator_release_x86_64_2.exe

    • Score

      10/10

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

      A process was created through NtCreateUserProcess with a parent process other than the caller (parent PID spoofing), so the child's recorded parent does not show which process actually launched it.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      NtSetInformationThread was called with the ThreadHideFromDebugger class, an anti-debugging technique that stops the thread from delivering debug events to an attached debugger.
