Overview

overview

10

Static

static

3

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cc702f6be6f65fd3e56e73c274a7e3e8ff63d4e18cf47b4525cc1cd9040cdc75

  • Size

    4.7MB

  • Sample

    240429-ena6yshf52

  • MD5

    7adc2b31432caafba0ed9d52462be282

  • SHA1

    58f3e9434b91bcc5d1592c15699e15eff51c06f4

  • SHA256

    cc702f6be6f65fd3e56e73c274a7e3e8ff63d4e18cf47b4525cc1cd9040cdc75

  • SHA512

    004b9965aeea14dd6b613f5a0b7a0c80c021179814dbc41287a9a0c070ad743d360803e0654614334885193a26a8aee8c001931d4ecd8ab219a806005fd1d244

  • SSDEEP

    98304:CyW64h3r9HmzVv/LxaXSufJX70CtvLnupsdgoj9ghi1RebMIg9Cbk/V+:+7hBcVv16zupsdgojDIg9Cbk/V+

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      cc702f6be6f65fd3e56e73c274a7e3e8ff63d4e18cf47b4525cc1cd9040cdc75

    • Size

      4.7MB

    • MD5

      7adc2b31432caafba0ed9d52462be282

    • SHA1

      58f3e9434b91bcc5d1592c15699e15eff51c06f4

    • SHA256

      cc702f6be6f65fd3e56e73c274a7e3e8ff63d4e18cf47b4525cc1cd9040cdc75

    • SHA512

      004b9965aeea14dd6b613f5a0b7a0c80c021179814dbc41287a9a0c070ad743d360803e0654614334885193a26a8aee8c001931d4ecd8ab219a806005fd1d244

    • SSDEEP

      98304:CyW64h3r9HmzVv/LxaXSufJX70CtvLnupsdgoj9ghi1RebMIg9Cbk/V+:+7hBcVv16zupsdgojDIg9Cbk/V+

    Score
    10/10
    rhadamanthysstealer

    • Detects DLL dropped by Raspberry Robin.

      Raspberry Robin.

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks