General

  • Target: data.zip
  • Size: 571KB
  • Sample: 240428-bxp5padb27
  • MD5: 4a38787638cbb05e4150a05ed424fdf8
  • SHA1: 887c129671d52936ada678835112f361a7450f71
  • SHA256: 305b72d86e7f33741776c914949bf01ce0053185fe14dc70af6f1891a0d986e9
  • SHA512: 42df64409d3e4b820bcc95fbf659cea9562ffc56a5f41ef3feee2d5b656055023ae3d9f2f7c5e417e42a65ef8c218e748b5855e35570ca4edfe64bbcbfd641d3
  • SSDEEP: 12288:s4HVXOcSaGVGATKflHgQck+njDp5bsww2syITedFv/N2gALf:1HVXOcSnVG+cf1+jDp6w8rqLsgI

Score: 10/10

Targets

    • Target: utility.exe
    • Size: 39KB
    • MD5: f1b14f71252de9ac763dbfbfbfc8c2dc
    • SHA1: dcc2dcb26c1649887f1d5ae557a000b5fe34bb98
    • SHA256: 796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5
    • SHA512: 636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0
    • SSDEEP: 768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh

    Score: 10/10

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess
