Overview

overview

10

Static

static

1

1d50e02811...95.exe

windows7-x64

10

1d50e02811...95.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e313cf05660e5631a53dcd2223438433e6df1c5526c8d2582c72a9a3b3fb4ea6.7z

  • Size

    1.3MB

  • Sample

    240720-pm2mmaserb

  • MD5

    361765cbe0ae40ca39643ace86aa9460

  • SHA1

    89280e7441c5cbf3dd05eaa4ce795809dfa3e337

  • SHA256

    e313cf05660e5631a53dcd2223438433e6df1c5526c8d2582c72a9a3b3fb4ea6

  • SHA512

    91a01b3c6be8e804cde3ceb4232cbb7522061dda0d3afbe573097bd67306febefad14e569c8a703121a67a24487001e926f763e0dde0df647e73ab55e4ac2de9

  • SSDEEP

    24576:ZG/sq6DChpp1CJrcR4Vn7lxMrbCJLQ1Vm/hIvwg9BPTAVK3iyoyZGd0zU1WkO5s0:ZoLr1CJ+4nirbQ8nuhuw0B6KyN+QWzn

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      1d50e028116d5df70e1315bddf283d6f2ced3754c497d18c5a31c1dbaf618195

    • Size

      378.5MB

    • MD5

      42b344af30bb2cc4ec897a8896e08ac6

    • SHA1

      76c844e2c65c3b9556f837175d04c11985add9f5

    • SHA256

      1d50e028116d5df70e1315bddf283d6f2ced3754c497d18c5a31c1dbaf618195

    • SHA512

      c7a59d5eccac1285f60a66373dd8f175a48af109283413476f1d1ff6b7afa6b189a0919c77f3b6d62911dc362b52391699628869777d70002a2d7c54289ebca0

    • SSDEEP

      49152:lOO26ZtuoHjBw65ivfPxFY/Wc8Mjy+4vDF:lOO1nGRMW9MjEp

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks