General
-
Target
file.exe
-
Size
911KB
-
Sample
240606-sxvtlsgh89
-
MD5
2872a5264f05d5c17f477175f09acdda
-
SHA1
3f79c97d7fe7d6d1e5e9529f95dd1bc1873c72d5
-
SHA256
f4dde5135d892a3b27afc4a95376e7880eee75c2d0b1b711baf4a9bd93bda187
-
SHA512
ab50cf2fb06390d245b7267c65c869b53e272114383c2aced967aaf8cc8b13e58169739189a647b46f24ebda6aa697240b58174f5dffae3ac66816182e533f63
-
SSDEEP
24576:8E7C3c6JD1Zz80aMLplXnPV9XURJlKSEgtY+VTCC:8gSD80aMLpZnPVCROSEgtY+VTC
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
file.exe
-
Size
911KB
-
MD5
2872a5264f05d5c17f477175f09acdda
-
SHA1
3f79c97d7fe7d6d1e5e9529f95dd1bc1873c72d5
-
SHA256
f4dde5135d892a3b27afc4a95376e7880eee75c2d0b1b711baf4a9bd93bda187
-
SHA512
ab50cf2fb06390d245b7267c65c869b53e272114383c2aced967aaf8cc8b13e58169739189a647b46f24ebda6aa697240b58174f5dffae3ac66816182e533f63
-
SSDEEP
24576:8E7C3c6JD1Zz80aMLplXnPV9XURJlKSEgtY+VTCC:8gSD80aMLpZnPVCROSEgtY+VTC
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-