Overview

overview

10

Static

static

10

rh_0.9.0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rh_0.9.0.exe

  • Size

    1.1MB

  • Sample

    250402-s27nzay1aw

  • MD5

    f213824a811b61ff6f9f950ad23acd76

  • SHA1

    f73abd780741a375c3303397ba7cb0e7c5c70f8d

  • SHA256

    acab109d5b82f41614043cf632ded46a40f5b22fa54282c2827891048528625f

  • SHA512

    b6c209913a365f13d85c1578cdae7709d2b80f30bde6343a47bb96aace994d06c9b322e6b8ce1abbcbaf069f3385db57b276883ec138391c9a70934e9380804e

  • SSDEEP

    12288:Z08XS6a0qohwBXuCzF9K4vvQuLEHu+QDmxzDMDeRGdzhB+6Th249PsanF:VS8WM4xHSfghwnKs

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      rh_0.9.0.exe

    • Size

      1.1MB

    • MD5

      f213824a811b61ff6f9f950ad23acd76

    • SHA1

      f73abd780741a375c3303397ba7cb0e7c5c70f8d

    • SHA256

      acab109d5b82f41614043cf632ded46a40f5b22fa54282c2827891048528625f

    • SHA512

      b6c209913a365f13d85c1578cdae7709d2b80f30bde6343a47bb96aace994d06c9b322e6b8ce1abbcbaf069f3385db57b276883ec138391c9a70934e9380804e

    • SSDEEP

      12288:Z08XS6a0qohwBXuCzF9K4vvQuLEHu+QDmxzDMDeRGdzhB+6Th249PsanF:VS8WM4xHSfghwnKs

    Score
    10/10
    rhadamanthysstealer

    • Detects Rhadamanthys payload

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1

MITRE ATT&CK Matrix

Tasks