Resubmissions

27-11-2024 09:54

241127-lxghnaylhv 10

18-12-2023 21:10

231218-z1gvgsfbg6 10

General

  • Target: OSU-FREEDOM-main.zip
  • Size: 688KB
  • Sample: 241127-lxghnaylhv
  • MD5: 1bcb29c6501c07faf938b3f967be18f1
  • SHA1: ea26d87c1e37b44cd8328874e1603d5eb6b821cd
  • SHA256: b46011c5f70960debda8166ad56d523bf8bbd19bd9a0a0a1346be4cb14dc2598
  • SHA512: 7e757cdef593b90ad66d827c21743d75efa9e5e7eb5843e5b9d2ee1eb5def08bdf2f3ca469eb0cd635f83b129cdc2907a4f359f08601a3ec1e6c290fa22e1e5b
  • SSDEEP: 12288:PPpzOlBu9mijskwPKiL/FjzsLT+zNe9fRallVelraYyDiPcbD5t5UY:PPpCDu9rqPZVsT+zNe9ZalnzYyR9Z

Score
10/10

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: https://95.214.55.177:2525/a8ee4140c073de1ec851bc2b/black.api

Targets

    • Target: OSU-FREEDOM-main/freedom.exe
    • Size: 539KB
    • MD5: 32b86751d376ef214a26e50eecc6e67d
    • SHA1: b6b7a830578cfe154b6c27d18ea7761630bb5363
    • SHA256: 60710a8b3e9d7b6985e6a2eab5c7ed57e2ee776db285ba69cc5b53c36110770f
    • SHA512: 00ee95b52e926173dc8dc85d6a0b21d5eb54e99a91047292be6e761b61bcd467d1551d30715707b67642741803e0c463f64b4ce1a2c72be2d7415b2dffee31f5
    • SSDEEP: 12288:gE50GSHrG6W42JcycysY0V3D9wCV+QnXGwnUP345WRgG3OkGGs/Lwmm:h+GSHrG6W42JcychY0FD9wCVPHw3yeJF

    Score
    10/10
    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Rhadamanthys family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

MITRE ATT&CK Matrix

Tasks