General
-
Target
MediaKit.rar
-
Size
338.3MB
-
Sample
240716-3dkjmsyajc
-
MD5
c84d796461eda5b41ccecd5649617dd9
-
SHA1
10d3d50d6db3775727acb1842df000fa990828d0
-
SHA256
671cbf9e293f8dbafa21335a7c96c5a6d802c5860db95d811ef02e07519a8942
-
SHA512
ea6c1b3075a9adfc60fe9e822fcc099ddbe578c9d8244eb49eede7f012b01a1ff7002864d4be57464671afd6b236d82293f183ecb963ab1f08f73f9e3359eb1c
-
SSDEEP
6291456:UYl8Db6aUH/Ho+VtuLd5guElCcLPK0bIEv686JN84qFIra8KDu:U5DbzUBtuL7xEldFI+6FZa8mu
Static task
static1
Behavioral task
behavioral1
Sample
MediaKit/Promo agreement and terms of conditions WEB version.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
MediaKit/Promo agreement and terms of conditions WEB version.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
MediaKit/Promo agreement and terms of conditions WEB version.exe
-
Size
672.7MB
-
MD5
a1465334871aa174387b1894350125b3
-
SHA1
6ab848c84a42a168b7eccc67dcffabcfaa2313b7
-
SHA256
37b4ac9bbd942211dc79bcf7309f6603fa27985519867448c252385a01c4d9cc
-
SHA512
2518e64ed3299bb0642cdbfc046deba04d8b13b829b64649d83a88e82f5336fc6d0743d4fefd49d86e927803d87286f42aab15e8d292257bb1d7ff8b77fdfb0c
-
SSDEEP
49152:HGlUi4n6mwTJsg4Rb2opcS1b2DMDi6gdu5zuw+DZ5TmvqzRRUNPljy7Ls+qp:HGGipmBtdvpcS1h26gEXvqzgNPuE
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-