Overview

overview

10

Static

static

1

ST.exe

windows7-x64

10

ST.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ST.exe

  • Size

    14.8MB

  • Sample

    250205-htwavsvqgs

  • MD5

    69faf96407c407a1bf211be76f919bbf

  • SHA1

    7c7de8b16d7e3fe1f73800fa233643a3d0f4acac

  • SHA256

    46b84b2fee0b41e72b3e9f23a852f99f0d726e5c8e37838ad25114b6cafb78f4

  • SHA512

    15b5309deb50900aad2649624ace4f24f44a50d954dd295a5a13bd505adab167f3f893043cd41c445c98cbadeb36a6db377edee9adf94358799737c762484cbb

  • SSDEEP

    393216:aSROShqgErsTyid5GqtHxdKBHTSyx+2LbLlpNPAJ4xxHHP6:dIQGm5ddK0yI2Lfl3bv6

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      ST.exe

    • Size

      14.8MB

    • MD5

      69faf96407c407a1bf211be76f919bbf

    • SHA1

      7c7de8b16d7e3fe1f73800fa233643a3d0f4acac

    • SHA256

      46b84b2fee0b41e72b3e9f23a852f99f0d726e5c8e37838ad25114b6cafb78f4

    • SHA512

      15b5309deb50900aad2649624ace4f24f44a50d954dd295a5a13bd505adab167f3f893043cd41c445c98cbadeb36a6db377edee9adf94358799737c762484cbb

    • SSDEEP

      393216:aSROShqgErsTyid5GqtHxdKBHTSyx+2LbLlpNPAJ4xxHHP6:dIQGm5ddK0yI2Lfl3bv6

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks