Overview

overview

10

Static

static

10

LXN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    LXN.exe

  • Size

    423KB

  • Sample

    241020-3scscaxdke

  • MD5

    b4f902709f1ac4b9bdd0be05c9d3cc4c

  • SHA1

    2a6d8f3f52826c9d532497958b0047b89d444f35

  • SHA256

    3b4a1126725e6029e56fae177fdf0869594528b7c48d7cde366fcefb946672e3

  • SHA512

    61d8f750b94702d199500176edf1e45e0dbcbe87e486e6dd7c8c408e0cd80ad2cd5d6579524b52f2080c320532ec7113e90691d6294dcfc23c4aa64dccfb0172

  • SSDEEP

    6144:YAYM3ZEWqf/qwPF7LR5W8ZJ74zmRiOFBbMh9q/JSW3ChNeK06iiRzmi0F9:YWBqf/qq3R5W8ZB4zmRzbaBsViRUF9

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://185.196.11.237:9697/f002171ab05c7/hip4946p.881o6

Targets

    • Target

      LXN.exe

    • Size

      423KB

    • MD5

      b4f902709f1ac4b9bdd0be05c9d3cc4c

    • SHA1

      2a6d8f3f52826c9d532497958b0047b89d444f35

    • SHA256

      3b4a1126725e6029e56fae177fdf0869594528b7c48d7cde366fcefb946672e3

    • SHA512

      61d8f750b94702d199500176edf1e45e0dbcbe87e486e6dd7c8c408e0cd80ad2cd5d6579524b52f2080c320532ec7113e90691d6294dcfc23c4aa64dccfb0172

    • SSDEEP

      6144:YAYM3ZEWqf/qwPF7LR5W8ZJ74zmRiOFBbMh9q/JSW3ChNeK06iiRzmi0F9:YWBqf/qq3R5W8ZB4zmRzbaBsViRUF9

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks