General

  • Target

    Installer.zip

  • Size

    33.1MB

  • Sample

    240930-tmjh9stgpm

  • MD5

    6420230e55d86b803559979b19ad96d7

  • SHA1

    52078a8431c95c7fef1b388779b4a3a46dba4047

  • SHA256

    d98832bfc040c10d3000a9afc90ec9f8d9adcfc12ad45bc6baabfa26f760d97b

  • SHA512

    f0fe2d9f30e29aa688427871d26f7eb72755187a37bdada54bc1c186a79dad942ed800e99748bb2693afa399fe3fbeaff74c40b9f49dbfce4b00f34a670662c6

  • SSDEEP

    786432:pMKSBSPHnbJ2ATLDV6bUw9dgiDB95DIS2Zn6rq9giCuiVxWW9EQIgUt:pdSSMAT9kgiDZb8nHniLWW9EQIv

Malware Config

Extracted

Family

rhadamanthys

C2

https://135.181.4.162:2423/97e9fc994198e76/0frouaxb.8xg7f

Targets

    • Target

      Installer/Installer.exe

    • Size

      227KB

    • MD5

      b588f677ab42fdf4fb540d399e0c822d

    • SHA1

      8a23270696d6dc4e92c3afd515ba19fe8fc4bd3e

    • SHA256

      6c5af52675bd86c04c858774dfaecb12d67cbb492b5835ccfb6a41f7e594e3c0

    • SHA512

      3b7ae452c5f7f203135ff382b5d6e8790221538c086934a5857b1819e1aec19d5955a916ea3fbfaa1925b58ac0584412c050c618c5f63171547d4af0c9a27bd7

    • SSDEEP

      3072:PNGh0Mfkarr8cMvFBRqAlvdfcVfw6r4OlqJslIFdATelkIZch+5rixPZad:PN5Mf3pMvRvl0VfLtiF9lzZcU

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      Installer/msvcp140.dll

    • Size

      729KB

    • MD5

      11191912b6e9e1cab76646190bd84ffa

    • SHA1

      fe421819ff3cf19e76cd62930c82352dceedf886

    • SHA256

      f0f5b19385687a6298530353d0183ec68f7255312da1dabca532bab8b18aec10

    • SHA512

      e930aa5d00218d187e24ea3a835946ac61f6b6839251f5607b971db18b47dcd1f5cb8004add500b857c596cc42b7fffd56418ef00b7ed314e6ce7a2f10fae464

    • SSDEEP

      12288:3ng2nEytb+51/9nnUDSHWBqf/qq3R5W8ZB4zmRzbaCsViRUF9DNEUguwj:3g2xMlp9f93PW8ZBS+zbT7sp6tuwj

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks