General
Target: launcher.exe
Size: 35.9MB
Sample: 241011-n8gznswekq
MD5: 8493c18b6abe1c949cdfb7b85607ea12
SHA1: 1b68df0319a0899e5ded197a6114f9af712d39b4
SHA256: 87eec7252ebb3103d6cec3600bbba578226dff35786744b716948726a7443bc3
SHA512: e86b2a2889594a647ac467bb653fb2cee975dc31378ee2607fa28508af948a347015e93c87bf2e4fc69ddea94c558e19b9144efceff80186cdac6eb036f650c6
SSDEEP: 393216:+1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfd:+Mguj8Q4Vfv1qFTrY6
Static task: static1
Behavioral task: behavioral1
Sample: launcher.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: launcher.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: launcher.exe
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.

Suspicious use of NtCreateUserProcessOtherParentProcess

Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

Executes dropped EXE