Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6064ef6e5e2d1c432491f675e551844c1b99da343c76f5b34c19a8d940b129e6

  • Size

    456KB

  • Sample

    240805-tw54ma1gnq

  • MD5

    9c35f1315cb51f68e401d53196daaf8b

  • SHA1

    878abcbe65faa6a0697bef95955068aaf471dce8

  • SHA256

    6064ef6e5e2d1c432491f675e551844c1b99da343c76f5b34c19a8d940b129e6

  • SHA512

    a08eb8c7e25e4fd17eee87e86494f78d17c0b1b7c1e5f02b16131b94640cff5c6b6114ad8a408efb5f27077306fbf105536de87393e63d75e6c339ef1c8cef17

  • SSDEEP

    6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9+w:2uWP/BZUyoLu8Agsmxwrvejkd2

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      6064ef6e5e2d1c432491f675e551844c1b99da343c76f5b34c19a8d940b129e6

    • Size

      456KB

    • MD5

      9c35f1315cb51f68e401d53196daaf8b

    • SHA1

      878abcbe65faa6a0697bef95955068aaf471dce8

    • SHA256

      6064ef6e5e2d1c432491f675e551844c1b99da343c76f5b34c19a8d940b129e6

    • SHA512

      a08eb8c7e25e4fd17eee87e86494f78d17c0b1b7c1e5f02b16131b94640cff5c6b6114ad8a408efb5f27077306fbf105536de87393e63d75e6c339ef1c8cef17

    • SSDEEP

      6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9+w:2uWP/BZUyoLu8Agsmxwrvejkd2

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks