General
-
Target
Installer-master-BlackMythWukong.msi
-
Size
43.8MB
-
Sample
240901-kgh6wawcql
-
MD5
4cbea3318f7107adb73e10fd8de96abf
-
SHA1
c6db50f856e92e5b0fa2f4b3855cbd58aa408fc1
-
SHA256
395c44cce9624a5750c97c313b5ede45ea36dd623bc71f7d1bf2e4964492dcd4
-
SHA512
724291101a4859c8e700ff762e48f6e2ded60fed23bfd64be7c438552c885b22d35b693ec03c2d234afe60d9defdc39ada77fedd9d3c881710935aa4e4f9b931
-
SSDEEP
786432:H8JJ5v6bZ0no3r27KIvSOcaVWfoyI4aEK0Gpqq++mFIjqEKrdLi9VMkryQs:HC5i10noy7KS/RVLCqpP++mF+gLBf
Static task
static1
Behavioral task
behavioral1
Sample
Installer-master-BlackMythWukong.msi
Resource
win11-20240802-en
Malware Config
Targets
-
Target
Installer-master-BlackMythWukong.msi
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies file permissions
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification: 1
System Binary Proxy Execution: 1
Msiexec: 1