General

  • Target

    95e31ee2a74f11c0705e9eec34cd2707986f5c962eb751cfd3abdcb6b98cf19d.exe

  • Size

    13.5MB

  • Sample

    240807-cabjfsxenp

  • MD5

    2d49f4f1c9964d0f735c46fc0750561e

  • SHA1

    69fbd91314fb0543b627df7a3688fcf067111846

  • SHA256

    95e31ee2a74f11c0705e9eec34cd2707986f5c962eb751cfd3abdcb6b98cf19d

  • SHA512

    f4230ac53e6a23a330ab2cb2189504c50f10597c50fead263d6d48eb2c671ea2d5c18b19c0dca99f39e9915258da3f4ac174a6a739f8f16eac786c4480494327

  • SSDEEP

    98304:FIblLdzWste0R8lsJdf0EMVTZvWYOht+GZQ1Iod5f:4LtWstKlsJdfNhtHZQL5f

Malware Config

Targets

    • Target

      95e31ee2a74f11c0705e9eec34cd2707986f5c962eb751cfd3abdcb6b98cf19d.exe

    • Size

      13.5MB

    • MD5

      2d49f4f1c9964d0f735c46fc0750561e

    • SHA1

      69fbd91314fb0543b627df7a3688fcf067111846

    • SHA256

      95e31ee2a74f11c0705e9eec34cd2707986f5c962eb751cfd3abdcb6b98cf19d

    • SHA512

      f4230ac53e6a23a330ab2cb2189504c50f10597c50fead263d6d48eb2c671ea2d5c18b19c0dca99f39e9915258da3f4ac174a6a739f8f16eac786c4480494327

    • SSDEEP

      98304:FIblLdzWste0R8lsJdf0EMVTZvWYOht+GZQ1Iod5f:4LtWstKlsJdfNhtHZQL5f

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks