Overview

overview

10

Static

static

10

400000.exe

windows7-x64

10

400000.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    400000.exe

  • Size

    439KB

  • Sample

    250213-dlvl5sspbt

  • MD5

    80dfac8b39bd9ace8fdadbd61f70da9a

  • SHA1

    e5b084ecebce7068bfd335c8373dfad7f562874c

  • SHA256

    dc7947860946278b22d1517f14ca780b0a57c4dace99c4edf6932e77db570a33

  • SHA512

    65f645f884260f9c9321fcc9894ba501cb1571e65b29ea4cd85766fefc2a54996176740a39969220c68a65cd81ba52b3f92ecb03d2ff6b6c6f107d81081d9348

  • SSDEEP

    6144:U1Qg7Id01Nc57+61VxXiUfDbNxB/0m1S0cAg/hI7ghe3JfJRVS5T:UB7Id0fcEEJNxB/l/0/hI0Q3be5T

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      400000.exe

    • Size

      439KB

    • MD5

      80dfac8b39bd9ace8fdadbd61f70da9a

    • SHA1

      e5b084ecebce7068bfd335c8373dfad7f562874c

    • SHA256

      dc7947860946278b22d1517f14ca780b0a57c4dace99c4edf6932e77db570a33

    • SHA512

      65f645f884260f9c9321fcc9894ba501cb1571e65b29ea4cd85766fefc2a54996176740a39969220c68a65cd81ba52b3f92ecb03d2ff6b6c6f107d81081d9348

    • SSDEEP

      6144:U1Qg7Id01Nc57+61VxXiUfDbNxB/0m1S0cAg/hI7ghe3JfJRVS5T:UB7Id0fcEEJNxB/l/0/hI0Q3be5T

    Score
    10/10
    rhadamanthysdiscoverystealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Downloads MZ/PE file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks