Overview

overview

10

Static

static

10

setup.exe

windows7-x64

10

setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    setup.exe

  • Size

    439KB

  • Sample

    250212-z4hwysynez

  • MD5

    ac4efd056fd9b6c184ef7095ad0cb21b

  • SHA1

    e32a023802a23757e0dad75768e20228b85a26ca

  • SHA256

    d36ddd249b53b11cad51faf051f8a30c4a618644742cf0b12eae543cb3bc5078

  • SHA512

    00791e49c4518a03e3bc30ef664fc9b6a1d19d04b079840846d02c7352bafcb11d3164bf8e8efa48f716abfaedc7bcfe87c781b589db124bd8283350f7aef1b6

  • SSDEEP

    6144:U1Qg7Id01Nc57+61VxXiUfDbNxB/0m1S0cAg/hI7ghe3JfJRHS5T:UB7Id0fcEEJNxB/l/0/hI0Q3bk5T

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      setup.exe

    • Size

      439KB

    • MD5

      ac4efd056fd9b6c184ef7095ad0cb21b

    • SHA1

      e32a023802a23757e0dad75768e20228b85a26ca

    • SHA256

      d36ddd249b53b11cad51faf051f8a30c4a618644742cf0b12eae543cb3bc5078

    • SHA512

      00791e49c4518a03e3bc30ef664fc9b6a1d19d04b079840846d02c7352bafcb11d3164bf8e8efa48f716abfaedc7bcfe87c781b589db124bd8283350f7aef1b6

    • SSDEEP

      6144:U1Qg7Id01Nc57+61VxXiUfDbNxB/0m1S0cAg/hI7ghe3JfJRHS5T:UB7Id0fcEEJNxB/l/0/hI0Q3bk5T

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Downloads MZ/PE file

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks