General

  • Target

    D4E07D9CC1EAA08E84D2679F89829A4E8DEC000B6AD1C793C3500DF77F746B69

  • Size

    78.7MB

  • Sample

    241220-c42yhaxpdm

  • MD5

    d83a4f163a9a76a81dabcb7123df01d5

  • SHA1

    765d934964ce4d11bf37d662083d497f4fd685fe

  • SHA256

    d4e07d9cc1eaa08e84d2679f89829a4e8dec000b6ad1c793c3500df77f746b69

  • SHA512

    758a2fadbf033c54584ab7affd2a7291ec86a43da1b0b0c0d85a10df595643799e9c8796c3abb0e2262212ab5051f1ae8894b8fd0039710e8bce4d1da749b85c

  • SSDEEP

    1572864:gIP31m/9JRLQwY9FhWYeWmetINN6Hy/S5PQtOACiK1IHAdoI:TNoRLQwY9F+NrkFYup

Malware Config

Targets

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Rhadamanthys family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks