Overview

overview

10

Static

static

3

sistercompetitive.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sistercompetitive.exe

  • Size

    7.3MB

  • Sample

    240909-e9sccssbqm

  • MD5

    b6798b22a6a137c247daa62fe852d953

  • SHA1

    597e7265d7918556c1d019d58ceadd504f48a854

  • SHA256

    471c981c11df004b941dad0175bc435f9c901bcb968ba9582f1a2181443d9ef4

  • SHA512

    a31b751173dbf50ec728d7f031c1d22de5e66120e8852110253071669f58a36b28c8769f9e8cebc88aa317348069bc7122842f428ccc643758a6e082218019b7

  • SSDEEP

    196608:dKtszGClpkmagqf/SLC+FPTgw0DrCy+QWH6b9f5aEy:YIlpkSX/F8ayew

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://45.202.35.41:2085/498d0f4cfcafbce1543c5cc/10m$

Targets

    • Target

      sistercompetitive.exe

    • Size

      7.3MB

    • MD5

      b6798b22a6a137c247daa62fe852d953

    • SHA1

      597e7265d7918556c1d019d58ceadd504f48a854

    • SHA256

      471c981c11df004b941dad0175bc435f9c901bcb968ba9582f1a2181443d9ef4

    • SHA512

      a31b751173dbf50ec728d7f031c1d22de5e66120e8852110253071669f58a36b28c8769f9e8cebc88aa317348069bc7122842f428ccc643758a6e082218019b7

    • SSDEEP

      196608:dKtszGClpkmagqf/SLC+FPTgw0DrCy+QWH6b9f5aEy:YIlpkSX/F8ayew

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks