General

  • Target

    8cd2db13b9e1c30d9c1e7b233f1383c54cc794c501db03d92638c5c706a094e8.exe

  • Size

    16.6MB

  • Sample

    241011-mqs4jstbmq

  • MD5

    1d9ff0bd9ea42831f3bf1fdb7d0da614

  • SHA1

    08a966dcfd2f72394a8cb9e65c46d67a2cfbb7c6

  • SHA256

    8cd2db13b9e1c30d9c1e7b233f1383c54cc794c501db03d92638c5c706a094e8

  • SHA512

    a7419987678ac7e9ab850fbc6b680b70f80903cce597ef2ef03be2b62d0d633b118655fc72b26d6bf404f798de55f463b2c6760c9e4cb147cd16a48332913705

  • SSDEEP

    393216:8nKVnXcAt/cWmKtNz99Sghe0S+zAQIkCZKNHfFEuOyjqG:wiXcAtkkNzneuIHZaHfFayj7

Targets

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks