General
-
Target
Solara.exe
-
Size
433KB
-
Sample
240831-hw8c7s1eqr
-
MD5
511f208e7b396defb7dce554e5d43ea4
-
SHA1
890ab67abca71bd4785204cede30a39d5a168aef
-
SHA256
cb6b38f445f334599088702569ed9c9d4b0a54c7c88097a16ec6e58055517a3c
-
SHA512
32b4cdbc0c5b4205e0ec02a38dc5b6086b35388ec76aadfc6565497c2466bca1e4ecc601a581856078c77719131e6c19e867e59c038605e3a430dfc1e8f13ecd
-
SSDEEP
12288:CCouY2+3Q1uRGysHZR0Ea6uatj8vxn8DDXOSb:vc1Q1pj5eEa6uS8ZnWX
Static task
static1
Behavioral task
behavioral1
Sample
Solara.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
Solara.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
rhadamanthys
https://144.76.133.166:8034/5502b8a765a7d7349/k5851jfq.guti6
Targets
-
-
Target
Solara.exe
-
Size
433KB
-
MD5
511f208e7b396defb7dce554e5d43ea4
-
SHA1
890ab67abca71bd4785204cede30a39d5a168aef
-
SHA256
cb6b38f445f334599088702569ed9c9d4b0a54c7c88097a16ec6e58055517a3c
-
SHA512
32b4cdbc0c5b4205e0ec02a38dc5b6086b35388ec76aadfc6565497c2466bca1e4ecc601a581856078c77719131e6c19e867e59c038605e3a430dfc1e8f13ecd
-
SSDEEP
12288:CCouY2+3Q1uRGysHZR0Ea6uatj8vxn8DDXOSb:vc1Q1pj5eEa6uS8ZnWX
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of SetThreadContext
-