General
-
Target
rhjryjyj.exe
-
Size
467KB
-
Sample
240827-pastys1fnk
-
MD5
ab2d2914e268ac8754e408bdd6c109cd
-
SHA1
936a1529158b699ebfaf97e937f17936d321920c
-
SHA256
0f5978c1e5026feea6e28485ceb99b48105d73a77517faf40c1e57d638a5cdd4
-
SHA512
c421cb6c41640e1866b891c941151903ad51e04a437b6d90faa6c732f2e98ef4172631453f9a60dcd8c0e4ffd39ec8c13277961c06a4119b10aff91037318fcf
-
SSDEEP
12288:B67J/HG/VFbEB46/qW7MzwwQsWWejzl1OplmA39:B69tlCWM8wQsWW2FA39
Static task
static1
Behavioral task
behavioral1
Sample
rhjryjyj.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
rhjryjyj.exe
Resource
win7-20240708-en
Behavioral task
behavioral3
Sample
rhjryjyj.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral4
Sample
rhjryjyj.exe
Resource
win11-20240802-en
Malware Config
Extracted
rhadamanthys
https://45.159.188.37:443/44194499adc4d2b753ee/gcj8ajmp.qnu3f
Targets
-
-
Target
rhjryjyj.exe
-
Size
467KB
-
MD5
ab2d2914e268ac8754e408bdd6c109cd
-
SHA1
936a1529158b699ebfaf97e937f17936d321920c
-
SHA256
0f5978c1e5026feea6e28485ceb99b48105d73a77517faf40c1e57d638a5cdd4
-
SHA512
c421cb6c41640e1866b891c941151903ad51e04a437b6d90faa6c732f2e98ef4172631453f9a60dcd8c0e4ffd39ec8c13277961c06a4119b10aff91037318fcf
-
SSDEEP
12288:B67J/HG/VFbEB46/qW7MzwwQsWWejzl1OplmA39:B69tlCWM8wQsWW2FA39
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-