Overview

overview

10

Static

static

1

URLScan

urlscan

https://www.youtube....

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqazg0bjh2anJzcUJDY00tVGdZUHZ4V2ZzazJ4Z3xBQ3Jtc0tsTG1tV1poWkpZMjE4RmpBVUxaNURjTnVOcXh0WGhIa0FvbHpGd1JiNWd0T3REZlhHU2ZPT09xakdOQld2OUM4alM0V29ROXdjUHp0Z01oNk92NG5oYmhDazBIUWtIR0s2OU1IOGtJQ2ZRRkZMcEZJSQ&q=https%3A%2F%2Fgithub.com%2FEXSoft1%2FExSofts%2Freleases%2Fdownload%2FSoft%2FExSoftware.zip&v=BcgATk46IqA

  • Sample

    240825-p2c8kswglp

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://144.76.133.166:8034/5502b8a765a7d7349/71q10f6c.xvxit

Targets

    • Target

      https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqazg0bjh2anJzcUJDY00tVGdZUHZ4V2ZzazJ4Z3xBQ3Jtc0tsTG1tV1poWkpZMjE4RmpBVUxaNURjTnVOcXh0WGhIa0FvbHpGd1JiNWd0T3REZlhHU2ZPT09xakdOQld2OUM4alM0V29ROXdjUHp0Z01oNk92NG5oYmhDazBIUWtIR0s2OU1IOGtJQ2ZRRkZMcEZJSQ&q=https%3A%2F%2Fgithub.com%2FEXSoft1%2FExSofts%2Freleases%2Fdownload%2FSoft%2FExSoftware.zip&v=BcgATk46IqA

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks