Overview

overview

10

Static

static

3

LockBit (1).rar

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    LockBit (1).rar

  • Size

    3.0MB

  • Sample

    241116-y9m77atbme

  • MD5

    f609b57eb9d64194112786c5411c8f2e

  • SHA1

    841b0eb93a9be59d4a4468330e915504ee9a5aee

  • SHA256

    f2363a572a7d408e1ea2a04fd2f5a23cd7c42db67d5111bf9a7541ab9f005ec9

  • SHA512

    577c83c0113d64d02e549661daade9e6d8bdd5360cc01d5d02325dd167f02fd3900ee186f8dabe9a5a250e2fc4a44ebb82ef136f4e0177b1b64c2d18f6835b41

  • SSDEEP

    98304:atRx753lm2dF+2dFdE2dFPINGokC8FH8NZjvN:atRxFlmeF+eF+eFwN4VQZjvN

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://195.3.223.126:4287/9d0dc091285eb9fbf2e/o8f3c8oj.8rdif

Targets

    • Target

      LockBit (1).rar

    • Size

      3.0MB

    • MD5

      f609b57eb9d64194112786c5411c8f2e

    • SHA1

      841b0eb93a9be59d4a4468330e915504ee9a5aee

    • SHA256

      f2363a572a7d408e1ea2a04fd2f5a23cd7c42db67d5111bf9a7541ab9f005ec9

    • SHA512

      577c83c0113d64d02e549661daade9e6d8bdd5360cc01d5d02325dd167f02fd3900ee186f8dabe9a5a250e2fc4a44ebb82ef136f4e0177b1b64c2d18f6835b41

    • SSDEEP

      98304:atRx753lm2dF+2dFdE2dFPINGokC8FH8NZjvN:atRxFlmeF+eF+eFwN4VQZjvN

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks