Overview

overview

10

Static

static

3

1.pdf

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1.pdf

  • Size

    1013KB

  • Sample

    240824-xkwbtstfle

  • MD5

    64c3529b5e79230e3b3c36f1069bf394

  • SHA1

    aba241bfbb588bee372efe8953b5f1ad73d3c713

  • SHA256

    e08634027ca7fc719e50bf15f94ed5148fb34d0d589c2df0b81ec348b8b45371

  • SHA512

    e8e453c9883fd5ddfb6204971f346acc237f8afaeeb083d83af94fae1acae476453beb5b0ecf6edc57668968a7736fc095e23a87436154767dd8af8a10686b63

  • SSDEEP

    24576:VRtydZmeb9tvRTBbR0kjQ+gcdcenmGevpEA8D:iZ1bNBvfcOeBERD

Score
10/10
rhadamanthysdiscoverylinkpdfstealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://154.216.18.122:2013/fb9e53a2cacd52/hkabqexs.2mj2h

Targets

    • Target

      1.pdf

    • Size

      1013KB

    • MD5

      64c3529b5e79230e3b3c36f1069bf394

    • SHA1

      aba241bfbb588bee372efe8953b5f1ad73d3c713

    • SHA256

      e08634027ca7fc719e50bf15f94ed5148fb34d0d589c2df0b81ec348b8b45371

    • SHA512

      e8e453c9883fd5ddfb6204971f346acc237f8afaeeb083d83af94fae1acae476453beb5b0ecf6edc57668968a7736fc095e23a87436154767dd8af8a10686b63

    • SSDEEP

      24576:VRtydZmeb9tvRTBbR0kjQ+gcdcenmGevpEA8D:iZ1bNBvfcOeBERD

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks