General

Target: Solara.zip
Size: 13.4MB
Sample: 240901-wwfj3sydra
MD5: 6fe0bb4598fba38e1c2dc25b084ae38e
SHA1: 7514257cc85b0a2d4b218f43f9a8f4dd61c545cf
SHA256: ceaed51bfaf0862e89a1790376ff6969bcc7c266e2c7b73cf67f57ad3ca7a397
SHA512: 232b90973680eadbf11851fa20dc1e0ffbcae86f14bd8b605964a593775705cdc69dcb3cd9a5ab66ce18785c2a098df75f58392b1c3d6a04f28c57541fdc632b
SSDEEP: 393216:+H7gx90ywmq3gvGQ1HUPri1xktbsUjOBo+mt:u7e92v+PRUDi1QvaoTt
Static task: static1

Behavioral task: behavioral1
  Sample: Solara.zip
  Resource: win11-20240802-en

Behavioral task: behavioral2
  Sample: Password - github.txt
  Resource: win11-20240802-en
Malware Config

Extracted: rhadamanthys
URL: https://144.76.133.166:8034/5502b8a765a7d7349/k5851jfq.guti6
Targets

Target: Solara.zip (size and hashes as listed under General)
Score: 10/10
- Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Suspicious use of SetThreadContext
Target: Password - github.txt
Size: 17B
MD5: 37681049ce7c84867108bfb4216689be
SHA1: f95e814713dfe83170513a6014aec373c9c0d006
SHA256: 4ae8508642027b5e5373a40b38da75c2a36ee3e99f693650c0803168533dbbc7
SHA512: 0b46362b0ae7afd192dee66e0fac2f213f2d93603adf9c2325eef23a22076f7eeccb2515313660881ebba1058fa5762f51eab143fb92c0c7e05b103a52d1b9fc
Score: 3/10