General
-
Target
8d59ab8245f380aa60471522eea024f4336e791b676b30196995783cbe8a4519
-
Size
446KB
-
Sample
241107-ngpkfatngp
-
MD5
e0787750551ff5613f2e8834abd05ea4
-
SHA1
2d3befa9bdb75062f1857a514f8acfa9b681f531
-
SHA256
8d59ab8245f380aa60471522eea024f4336e791b676b30196995783cbe8a4519
-
SHA512
e5c44d7524b9b96dcce41196f393672eb54adb925ee3d82846385087256dc07c111a9a990795687eb0e14aab9985e00b2c661d48a5508a291a731e5dc5defbae
-
SSDEEP
12288:AtQgEYr14nB0cha/7p/p26sk2lWlQZIwR5i/LvwW:AzEgrP/HrglWlQZ
Malware Config
Extracted
rhadamanthys
https://135.181.4.162:2423/97e9fc994198e76/x513cq6t.dbeo8
Targets
-
-
Target
8d59ab8245f380aa60471522eea024f4336e791b676b30196995783cbe8a4519
-
Size
446KB
-
MD5
e0787750551ff5613f2e8834abd05ea4
-
SHA1
2d3befa9bdb75062f1857a514f8acfa9b681f531
-
SHA256
8d59ab8245f380aa60471522eea024f4336e791b676b30196995783cbe8a4519
-
SHA512
e5c44d7524b9b96dcce41196f393672eb54adb925ee3d82846385087256dc07c111a9a990795687eb0e14aab9985e00b2c661d48a5508a291a731e5dc5defbae
-
SSDEEP
12288:AtQgEYr14nB0cha/7p/p26sk2lWlQZIwR5i/LvwW:AzEgrP/HrglWlQZ
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Rhadamanthys family
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-