Overview

overview

10

Static

static

1

XWorm-Remo...s-Tool

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    XWorm-Remote-Access-Tool

  • Size

    281KB

  • Sample

    250105-tng2ts1mdn

  • MD5

    65144d8fc0b5a0fde2ee124726fad169

  • SHA1

    aa7aac2d1b5a9be008ca9adf74e457780e170f89

  • SHA256

    2adc0d57769484c1d72d873cc4e9b20fedf5e552ff9f36ee572253a1ef864318

  • SHA512

    6be657e20bd9fc572bb1abba83b0e7d85d13ecbd58aeefb6e3ef90a6e321698d7448a3b40f12784424c3d37a1fdf138d5212c129efd3691f441d4280cb49b476

  • SSDEEP

    6144:c4NPJpOL/saqkPV9Fe2LtcIDSsmwM9XvZJT3CqbMrhryf65NRPaCieMjAkvCJv1N:VNPJpOL/saqkPV9Fe2LtcIDSsmwM9Xv6

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      XWorm-Remote-Access-Tool

    • Size

      281KB

    • MD5

      65144d8fc0b5a0fde2ee124726fad169

    • SHA1

      aa7aac2d1b5a9be008ca9adf74e457780e170f89

    • SHA256

      2adc0d57769484c1d72d873cc4e9b20fedf5e552ff9f36ee572253a1ef864318

    • SHA512

      6be657e20bd9fc572bb1abba83b0e7d85d13ecbd58aeefb6e3ef90a6e321698d7448a3b40f12784424c3d37a1fdf138d5212c129efd3691f441d4280cb49b476

    • SSDEEP

      6144:c4NPJpOL/saqkPV9Fe2LtcIDSsmwM9XvZJT3CqbMrhryf65NRPaCieMjAkvCJv1N:VNPJpOL/saqkPV9Fe2LtcIDSsmwM9Xv6

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks