Overview

overview

10

Static

static

3

285557d784...bb.exe

windows7-x64

10

285557d784...bb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    285557d7846b75b624cb60db673bceb9a7093330476875499e062aa18b39e4bb.exe

  • Size

    2.1MB

  • Sample

    250207-e79tmaypbx

  • MD5

    f8cd8cd3e6a25d340c068d8afc584d57

  • SHA1

    a2df305f1715f4edb3475ded16b5ce7fd1d07a49

  • SHA256

    285557d7846b75b624cb60db673bceb9a7093330476875499e062aa18b39e4bb

  • SHA512

    7fa99c628dc6634a2040923b15f859a707c102e6d8f89fec94d527dca914be60a3cb7b0ea2f162cbb3c9968d8194ddd2a1d6aabcf1bf05d67f113a682a547e6d

  • SSDEEP

    49152:HMoRLBk7hwlVpx3hTuTpCrm4AJy3gg3Ps2QfQWyEvib+Fh:C+bClPlgsf3D

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      285557d7846b75b624cb60db673bceb9a7093330476875499e062aa18b39e4bb.exe

    • Size

      2.1MB

    • MD5

      f8cd8cd3e6a25d340c068d8afc584d57

    • SHA1

      a2df305f1715f4edb3475ded16b5ce7fd1d07a49

    • SHA256

      285557d7846b75b624cb60db673bceb9a7093330476875499e062aa18b39e4bb

    • SHA512

      7fa99c628dc6634a2040923b15f859a707c102e6d8f89fec94d527dca914be60a3cb7b0ea2f162cbb3c9968d8194ddd2a1d6aabcf1bf05d67f113a682a547e6d

    • SSDEEP

      49152:HMoRLBk7hwlVpx3hTuTpCrm4AJy3gg3Ps2QfQWyEvib+Fh:C+bClPlgsf3D

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks