Overview

overview

10

Static

static

3

AnyDesk.exe

windows7-x64

10

AnyDesk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AnyDesk.exe.v

  • Size

    5.2MB

  • Sample

    240905-kfz31axdrg

  • MD5

    17069fd6aafd857bf9ded67a6db7708a

  • SHA1

    32dd5d10187b4428970c52f0d74004edcca4d269

  • SHA256

    9628c360c683c89c70f74c8f55c46fece6f7375932f107bc0137ae1f7257d41c

  • SHA512

    a0295703dd030c8f87424aa4aef063c9f63e70983de5334e4ba9739facaa6f5920ce90b70d4207e67cd149428cdf145284aadae32783295bb6e3fdb3014d8851

  • SSDEEP

    98304:nLbb4p55b6I8ajCR+V1H06rt7yUEt0wpqy258hTGLxuya1AkycZWW3b3cmDk02Ex:nLbM5UIAQx06Z7ct1qN5SGLxuAkycZ9p

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      AnyDesk.exe.v

    • Size

      5.2MB

    • MD5

      17069fd6aafd857bf9ded67a6db7708a

    • SHA1

      32dd5d10187b4428970c52f0d74004edcca4d269

    • SHA256

      9628c360c683c89c70f74c8f55c46fece6f7375932f107bc0137ae1f7257d41c

    • SHA512

      a0295703dd030c8f87424aa4aef063c9f63e70983de5334e4ba9739facaa6f5920ce90b70d4207e67cd149428cdf145284aadae32783295bb6e3fdb3014d8851

    • SSDEEP

      98304:nLbb4p55b6I8ajCR+V1H06rt7yUEt0wpqy258hTGLxuya1AkycZWW3b3cmDk02Ex:nLbM5UIAQx06Z7ct1qN5SGLxuAkycZ9p

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks