General
Target: game_2024.zip
Size: 2.0MB
Sample: 240825-fp197swcmd
MD5: 7c77a4f104c0d5f3ea91450d39720107
SHA1: b324b8486826ba1073fce3f869b2d4a997bf7c45
SHA256: e9c20fc894aaa64d5b2e4b00ab97194f6e0ceadd79bbc206cb41632567b5894a
SHA512: 863760ac65c8857b6e79026e1a7ea7506177fd8465ed8875c390dd71a9907111b5e696e74b9d3417871f366dd095546788d4d070e86eb0f9902023dc95112d2c
SSDEEP: 49152:Jf1XJrN8RWlJOc2AEvo8nAxL8TlBhp7lHFeEsj:J9XRF8vnAx4T/DlHFp4
Behavioral task
behavioral1
Sample: game_2024.zip
Resource: win11-20240802-en
Malware Config
Extracted
rhadamanthys
https://154.216.18.122:2013/fb9e53a2cacd52/hkabqexs.2mj2h
Targets
Target: game_2024.zip
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Drops file in System32 directory