General
-
Target
1d1505d6acae5dfe0ad58fddd7933cfc.exe
-
Size
442KB
-
Sample
241010-hgykfszeqe
-
MD5
1d1505d6acae5dfe0ad58fddd7933cfc
-
SHA1
ec64dd991550788047d6e512b8d17a7d73e48c6a
-
SHA256
46298b16b10079f44ee9515920de3391bd0590c36427e15ba81841a5e686bb79
-
SHA512
ee14b7b6b1b9845d61786a11f1d5da757898212d634637aceb276077c803b79e614fe46a07403108c4430e82010adccc5b32a0183e85b998f38ed9f7030d70bf
-
SSDEEP
12288:m+RQLpoHCpa7QDoGukWV1hC8kVOYfCYfQ8O6akF19ecKPs:mtNDILn8u
Static task
static1
Behavioral task
behavioral1
Sample
1d1505d6acae5dfe0ad58fddd7933cfc.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1d1505d6acae5dfe0ad58fddd7933cfc.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
rhadamanthys
https://135.181.4.162:2423/97e9fc994198e76/q4cs18w4.g9muv
Targets
-
-
Target
1d1505d6acae5dfe0ad58fddd7933cfc.exe
-
Size
442KB
-
MD5
1d1505d6acae5dfe0ad58fddd7933cfc
-
SHA1
ec64dd991550788047d6e512b8d17a7d73e48c6a
-
SHA256
46298b16b10079f44ee9515920de3391bd0590c36427e15ba81841a5e686bb79
-
SHA512
ee14b7b6b1b9845d61786a11f1d5da757898212d634637aceb276077c803b79e614fe46a07403108c4430e82010adccc5b32a0183e85b998f38ed9f7030d70bf
-
SSDEEP
12288:m+RQLpoHCpa7QDoGukWV1hC8kVOYfCYfQ8O6akF19ecKPs:mtNDILn8u
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-