General
-
Target
launcher.exe
-
Size
35.9MB
-
Sample
241014-ch9ffswbkd
-
MD5
a005515ec895596dedf37353c36cf316
-
SHA1
2194e563495ee86dde3e81ef7a38f954ce37f649
-
SHA256
b4319210ed63ced7b431ef15430a5a98dadf9601af2ec882d00b48e1aefca6c8
-
SHA512
2a7314a91e745e4a4b67db70acb445a187eaf18f71ec9b81aba7a1794ee9e4413ec6ecd47c4a36813bd1b1a184cded750cebaf57fd4873664791f8848765f170
-
SSDEEP
393216:M1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfc:MMguj8Q4VfvPqFTrYb
Static task
static1
Behavioral task
behavioral1
Sample
launcher.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
launcher.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
launcher.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
launcher.exe
-
Size
35.9MB
-
MD5
a005515ec895596dedf37353c36cf316
-
SHA1
2194e563495ee86dde3e81ef7a38f954ce37f649
-
SHA256
b4319210ed63ced7b431ef15430a5a98dadf9601af2ec882d00b48e1aefca6c8
-
SHA512
2a7314a91e745e4a4b67db70acb445a187eaf18f71ec9b81aba7a1794ee9e4413ec6ecd47c4a36813bd1b1a184cded750cebaf57fd4873664791f8848765f170
-
SSDEEP
393216:M1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfc:MMguj8Q4VfvPqFTrYb
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Enumerates processes with tasklist
-