General
-
Target
51aa455d8f3a0c945cc27efa900882d642a4c92ea157496236e4e5928e71f9edN
-
Size
618KB
-
Sample
241011-hh76aavhnk
-
MD5
e49c45ea2393255a13adbbc61792d410
-
SHA1
9475a0426f96d9197f32b889519e74ef6ee649ef
-
SHA256
51aa455d8f3a0c945cc27efa900882d642a4c92ea157496236e4e5928e71f9ed
-
SHA512
b9b60cec2e6e6aeb3d9b4db4f180a3df6e3d09dd25992924a0fc69e1d9fa66516e4bbe3c0cfc632711694e5b2492cdafda63464ac4209a907bed57f949556587
-
SSDEEP
12288:lKAJjMvw/GSrDdQVrsgjEK9yf0iukoZQuFZcwc6Y7TzXgkRK9myrKc:lKqMvM54jM5KFZQ6oJRiRN
Static task
static1
Behavioral task
behavioral1
Sample
51aa455d8f3a0c945cc27efa900882d642a4c92ea157496236e4e5928e71f9edN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
51aa455d8f3a0c945cc27efa900882d642a4c92ea157496236e4e5928e71f9edN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
rhadamanthys
https://135.181.4.162:2423/97e9fc994198e76/0frouaxb.8xg7f
Targets
Target
51aa455d8f3a0c945cc27efa900882d642a4c92ea157496236e4e5928e71f9edN
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-