Overview

overview

10

Static

static

1

URLScan

urlscan

https://www.youtube....

windows10-2004-x64

10

Resubmissions

12-10-2024 13:31

241012-qslc9sxdmq 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://www.youtube.com/redirect?event=channel_header&redir_token=QUFFLUhqbmUtSC0zRE5ZbjBUV1ViZVEwa3l0WWVoQUhHZ3xBQ3Jtc0tsVUFVRHdldFdjOFRaU1BHWVl2U2dMQ3haaTk2bUlOdklTMlh4THo4eW1zUk96MlJyNDJURXBzZEI1dVg5Wkl6YUszUHZCNmZMaDZpV2tUcmE1am82bGJRUEN2R1EtWENqWC02UXByMTRlSHJxdEVhUQ&q=https%3A%2F%2Fwww.dropbox.com%2Fscl%2Ffi%2Fgg03euqc666i85vxu348f%2Flauncher.zip%3Frlkey%3D3pe412ttsoqn88rlj1epcc2dh%26st%3Dy1dutk2h%26dl%3D1

  • Sample

    241012-qslc9sxdmq

Score
10/10
rhadamanthysdiscoveryexecutionstealer

Malware Config

Targets

    • Target

      https://www.youtube.com/redirect?event=channel_header&redir_token=QUFFLUhqbmUtSC0zRE5ZbjBUV1ViZVEwa3l0WWVoQUhHZ3xBQ3Jtc0tsVUFVRHdldFdjOFRaU1BHWVl2U2dMQ3haaTk2bUlOdklTMlh4THo4eW1zUk96MlJyNDJURXBzZEI1dVg5Wkl6YUszUHZCNmZMaDZpV2tUcmE1am82bGJRUEN2R1EtWENqWC02UXByMTRlSHJxdEVhUQ&q=https%3A%2F%2Fwww.dropbox.com%2Fscl%2Ffi%2Fgg03euqc666i85vxu348f%2Flauncher.zip%3Frlkey%3D3pe412ttsoqn88rlj1epcc2dh%26st%3Dy1dutk2h%26dl%3D1

    Score
    10/10
    rhadamanthysdiscoveryexecutionstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks