General

  • Target

    5644d8033adcae58aa3e53ca7756ade4fd238807da435e8703b1b8dcc80b2b96

  • Size

    3.7MB

  • Sample

    240502-fmapgabe69

  • MD5

    2aab0f3bbdd8818453e227105c4a7acd

  • SHA1

    83fbd5e73c322ee2bcf28dc8bf8b0a38d0994683

  • SHA256

    5644d8033adcae58aa3e53ca7756ade4fd238807da435e8703b1b8dcc80b2b96

  • SHA512

    8772952f5a19c658c863fed8f72b61f755cc4a9b45a861464f8605f165081140bca232520fa0dac10c49cc581123a4abec94b930fb93b1296b1fb45a6929e641

  • SSDEEP

    98304:KfUbmJehf++JJFSP/h3GhBYr1pgAWQc6lbfRIhRItWPt26ma:KfUSJsjfSP/hGjGBNDfChCtWPc6ma

Score
10/10

Malware Config

Targets

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v13

Tasks