General

  • Target

    Authenticator_v5.1.exe

  • Size

    1.9MB

  • Sample

    240731-y4ec4a1eqn

  • MD5

    c607e5a15a55a85f0fd6339c75dbe769

  • SHA1

    36e24f54dd93166a2d42ebb222d4c15eefe7239b

  • SHA256

    bd403309f8f43fc34d64917720f55c1dbcc50f250f1210bc8dec6c704d4ed461

  • SHA512

    db157472ad89553b0a9578da6b5a5b07abe30741509f097f359fb1c40db3818e94f8134513d52627f0e889731dbdf4fc0bf4375ff3a0bdbb0892ca6e108391a6

  • SSDEEP

    49152:IebOsgxw8eSymL1zO69MOpJjyTVKueFU4NXJ:P+N1K+luelXJ

Malware Config

Targets

    • Target

      Authenticator_v5.1.exe

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks