General

  • Target

    bde8a56099e963326c9eaee2646e29e235b84ffdd7ac85f97d67ec68640a255d.exe

  • Size

    3.3MB

  • Sample

    240720-nvxg7syfkp

  • MD5

    a5348648cce5fb982bdb992a60aeba94

  • SHA1

    74d285504529a846bd90db748318400523ba3ca9

  • SHA256

    bde8a56099e963326c9eaee2646e29e235b84ffdd7ac85f97d67ec68640a255d

  • SHA512

    1487b70235698547c5337f8bf88a395d5eb5084b9fb5fad4783b8a99f13aefff62450537d58cd0d6293bd52992461ddf322fd65d7fac875235cdb073cba6c598

  • SSDEEP

    49152:m6bw93+kyYokUNKKqnMsIdApB5r1c+VCvGCXAYzLFgfcYIz:m6i32kUNRqMsIKpHr1cMC+CXRzLucVz

Score
10/10

Targets

    • Target

      bde8a56099e963326c9eaee2646e29e235b84ffdd7ac85f97d67ec68640a255d.exe

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
