General
- Target: f9ecdc4cd55f91273fef14b24c82da1b23abdcf63914ffa42749f9c3b9389453
- Size: 5.6MB
- Sample: 240429-endl3shh7v
- MD5: 93a9e3c51d74beb9591c51a28d634048
- SHA1: cab58975cadcd89d14e98ec0e5cf3a950d7ea479
- SHA256: f9ecdc4cd55f91273fef14b24c82da1b23abdcf63914ffa42749f9c3b9389453
- SHA512: 6913fdcf261027cd8aae4a4f5a7c74c10cf570f364550fddc6f4369fa8e8702bef30d22130984fa592788e6e0afc96150f9f588d64811ed88da56a4c7f711b25
- SSDEEP: 98304:gAoK6oWRH2P1Y/abpyrjavXi/lQqBLm/Bn85w7dZBzr:KK6lx2Y/abYrsXXq1mJntdZBzr
Behavioral task: behavioral1
- Sample: f9ecdc4cd55f91273fef14b24c82da1b23abdcf63914ffa42749f9c3b9389453.exe
- Resource: win7-20240419-en
Behavioral task: behavioral2
- Sample: f9ecdc4cd55f91273fef14b24c82da1b23abdcf63914ffa42749f9c3b9389453.exe
- Resource: win10-20240404-en
Malware Config
Targets
- Target: f9ecdc4cd55f91273fef14b24c82da1b23abdcf63914ffa42749f9c3b9389453
- Size: 5.6MB
- MD5: 93a9e3c51d74beb9591c51a28d634048
- SHA1: cab58975cadcd89d14e98ec0e5cf3a950d7ea479
- SHA256: f9ecdc4cd55f91273fef14b24c82da1b23abdcf63914ffa42749f9c3b9389453
- SHA512: 6913fdcf261027cd8aae4a4f5a7c74c10cf570f364550fddc6f4369fa8e8702bef30d22130984fa592788e6e0afc96150f9f588d64811ed88da56a4c7f711b25
- SSDEEP: 98304:gAoK6oWRH2P1Y/abpyrjavXi/lQqBLm/Bn85w7dZBzr:KK6lx2Y/abYrsXXq1mJntdZBzr
Score: 10/10
- Detect ZGRat V1
- Detects DLL dropped by Raspberry Robin. (Raspberry Robin)
- Rhadamanthys: Rhadamanthys is an info stealer written in C++ first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Loads dropped DLL
- Suspicious use of SetThreadContext