Overview

overview

10

Static

static

3

b542b29e51...1).exe

windows7-x64

10

b542b29e51...1).exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b542b29e51e01cec685110991acf28937ad894ba30dc8e044ef66bb8acbed210(1)

  • Size

    458KB

  • Sample

    240731-133emswcnn

  • MD5

    8bf2696aceff7ca6512b0f9622c02b3d

  • SHA1

    4a712d9e84f047ad7acd9c1ea3be37184216e0af

  • SHA256

    b542b29e51e01cec685110991acf28937ad894ba30dc8e044ef66bb8acbed210

  • SHA512

    419792c4b6d3f3429f2b8985c4a6370f2dfe9d5fe79f2e4d33743fc570d60da0839063212606f3e8933c2a9e12db7e0dc92e0218b4702dbe1886e4d484ed64ef

  • SSDEEP

    6144:n/E8DIpjK28t4snQVlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zb:REpj7snSv/cgu4VGn6OaM+ucj

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      b542b29e51e01cec685110991acf28937ad894ba30dc8e044ef66bb8acbed210(1)

    • Size

      458KB

    • MD5

      8bf2696aceff7ca6512b0f9622c02b3d

    • SHA1

      4a712d9e84f047ad7acd9c1ea3be37184216e0af

    • SHA256

      b542b29e51e01cec685110991acf28937ad894ba30dc8e044ef66bb8acbed210

    • SHA512

      419792c4b6d3f3429f2b8985c4a6370f2dfe9d5fe79f2e4d33743fc570d60da0839063212606f3e8933c2a9e12db7e0dc92e0218b4702dbe1886e4d484ed64ef

    • SSDEEP

      6144:n/E8DIpjK28t4snQVlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zb:REpj7snSv/cgu4VGn6OaM+ucj

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks