General
-
Target
TeraBox.exe
-
Size
6.3MB
-
Sample
240609-lac7qahd28
-
MD5
7ab6073a5c400a5071bfa4ef2d936425
-
SHA1
f794ea18eced4330979972da2a4bfa33c03afa2f
-
SHA256
7774449e13c24d2b0b69114d9ba044e80dc8378fa3dfb5d17a142d5cb4cde8af
-
SHA512
4371b6b49df43dab4abf90a71819276f30dca823c93335edd5513a67a646c97ef575b2ede650ceb2f0f168af13431254530e9bffc3db0f5b0eada1492c3cab73
-
SSDEEP
98304:52XswubXaFliXVEaqz56LtbSeK78yYkVvkg7m8Etg1C9Y41WCpq:8XswuuKE7E4IDkVvkgK9fVWCo
Static task
static1
Behavioral task
behavioral1
Sample
TeraBox.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
TeraBox.exe
-
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Legitimate hosting services abused for malware hosting/C2
-