Overview

overview

10

Static

static

10

aef5c6fec5...19.exe

windows10-2004-x64

10

Resubmissions

27-11-2024 10:02

241127-l2378ayngy 10

16-07-2023 01:10

230716-bjkcaacb72 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aef5c6fec5ea5f20f0e71f34d3777919.exe

  • Size

    448KB

  • Sample

    241127-l2378ayngy

  • MD5

    aef5c6fec5ea5f20f0e71f34d3777919

  • SHA1

    013c70c60334495904fa1e83a129dd3c369e6acf

  • SHA256

    01c7c28d8fcbded6bb906af11b34e65e19a71bc433fa3c8b5e615130f78028d5

  • SHA512

    bd48e8ec604e074b759b1c08c9d1e6adb90da902b4f23b9f37210ec32183c22a53d0a571d3c46bf43c32f47debc47313c0c98136ac6bc55bf1004b41c19f2774

  • SSDEEP

    6144:L/E8DIpjK28t4snQTlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zi:dEpj7snAv/cgu4VGn6OaM+ucj

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://45.12.253.92:7079/d93563d629a84c3/eig9lafq.2klt9

Targets

    • Target

      aef5c6fec5ea5f20f0e71f34d3777919.exe

    • Size

      448KB

    • MD5

      aef5c6fec5ea5f20f0e71f34d3777919

    • SHA1

      013c70c60334495904fa1e83a129dd3c369e6acf

    • SHA256

      01c7c28d8fcbded6bb906af11b34e65e19a71bc433fa3c8b5e615130f78028d5

    • SHA512

      bd48e8ec604e074b759b1c08c9d1e6adb90da902b4f23b9f37210ec32183c22a53d0a571d3c46bf43c32f47debc47313c0c98136ac6bc55bf1004b41c19f2774

    • SSDEEP

      6144:L/E8DIpjK28t4snQTlp3z/pSZ+pDKpf9EkQbKxVK+PXItNOapG8RuzRiRh3Zi:dEpj7snAv/cgu4VGn6OaM+ucj

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks