General

Target: sample.zip
Size: 578KB
Sample: 240612-ytgepssbnr
MD5: c55250825f30449f652702f051208699
SHA1: 3ab01565330f64279cdf4a7aae5b1cdcd32a8ff4
SHA256: 5e89c6325b0661bfaa205afe553b7280def9c209f4dde43e262237c19e8dbea3
SHA512: 08838e8fab8a47a00b0f04edf2641a8ec0b0e36ffcf8f35b419dc1638be0f4eacd773f97d74776b4ec6006b63b0fbaf34f7fcfd2d117224496a76383483e1b47
SSDEEP: 12288:xRwEFAAy4K4W4P86Kz8C8LkpthvS0A4iwV:jwE9K4W4k6p/kpLjA7g
Static task: static1

Behavioral tasks (sample and analysis resource per task):

Task         Sample       Resource
behavioral1  sample.zip   win7-20240508-en
behavioral2  sample.zip   win10v2004-20240508-en
behavioral3  data.bin     win7-20240508-en
behavioral4  data.bin     win10v2004-20240611-en
behavioral5  g2m.dll      win7-20240508-en
behavioral6  g2m.dll      win10v2004-20240508-en
behavioral7  install.exe  win7-20240508-en
behavioral8  install.exe  win10v2004-20240611-en
Malware Config
(none listed)

Targets

Target: sample.zip
Size: 578KB
MD5: c55250825f30449f652702f051208699
SHA1: 3ab01565330f64279cdf4a7aae5b1cdcd32a8ff4
SHA256: 5e89c6325b0661bfaa205afe553b7280def9c209f4dde43e262237c19e8dbea3
SHA512: 08838e8fab8a47a00b0f04edf2641a8ec0b0e36ffcf8f35b419dc1638be0f4eacd773f97d74776b4ec6006b63b0fbaf34f7fcfd2d117224496a76383483e1b47
SSDEEP: 12288:xRwEFAAy4K4W4P86Kz8C8LkpthvS0A4iwV:jwE9K4W4k6p/kpLjA7g
Score: 10/10
Signatures:
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess

Target: data.bin
Size: 385KB
MD5: 94d7d9d8ff2e1f29e1ab7a906bbbf9c3
SHA1: 4fd3485f3ce162f3b35a87ef7e7fcfd510546ee0
SHA256: 2d83fb3f93c339ad34771c212586545dc3c7deb518ffde76411326fabf9725cf
SHA512: 4ce02b4e56410f7ce069223187b2dffb7930d855dafa377df60c9b669f27002dd431f65bbc203130e5d88e2f060247e8b226ceae2b6f39082a58eb5c538ace0a
SSDEEP: 6144:xYRfxtyDDTO5qwPAAy+/g+OPGUCl085ceyrXIP7KwqGfcaqersiMsj:eRyEFAAyMA4C4P+6US7Msj
Score: 3/10
Signatures: none

Target: g2m.dll
Size: 400KB
MD5: 9e0c959df25e74c80dfa5adba4eaa5c7
SHA1: 9c5a3ed851e32617b1b294bb2c749a60988439d1
SHA256: d1b14d951ccaafc14ab24992678b2fee915838bbc89a32944833268cbba10f68
SHA512: 36520d6e61833ce446b4e9f01c065bc08f47e91a3125305c5d0fe27f01f2cc19be59c9b4eacc6f0b8fc74536b718decccc7aa1aac8e9de5e685d1893e10a786a
SSDEEP: 6144:Nt262Yh8H++Xz5YRa5bfpLECjVllx76r2xaP23O/d120:HIF+8Rx4CJTx76r2xaYOO
Score: 3/10
Signatures: none

Target: install.exe
Size: 39KB
MD5: f1b14f71252de9ac763dbfbfbfc8c2dc
SHA1: dcc2dcb26c1649887f1d5ae557a000b5fe34bb98
SHA256: 796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5
SHA512: 636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0
SSDEEP: 768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh
Score: 10/10
Signatures:
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
- Suspicious use of NtCreateUserProcessOtherParentProcess
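The practical use of the digests above is a sweep of hosts or file shares for the archive and the three files it carries. The script below is an added example and is not part of the sandbox report: the MD5/SHA1/SHA256 values in REPORT_IOCS are copied from the Targets section, while the function names, the directory walk and the hit format are illustrative assumptions (SHA512 is listed in the report as well and can be added to ALGOS the same way). One caveat a responder should keep: a match on MD5 or SHA-1 alone is recorded but not treated as confirmed, since collisions for both are practical; only a SHA-256 match is taken as identifying the file.

```python
#!/usr/bin/env python3
"""Hash-based sweep for the four targets in the report above.

Added example, not part of the Triage report. The digests in REPORT_IOCS are
copied from the report; function names and the directory-walk layout are
illustrative assumptions.
"""
import hashlib
import os

# Digests copied verbatim from the Targets section of the report.
REPORT_IOCS = {
    "sample.zip": {
        "score": "10/10",
        "md5": "c55250825f30449f652702f051208699",
        "sha1": "3ab01565330f64279cdf4a7aae5b1cdcd32a8ff4",
        "sha256": "5e89c6325b0661bfaa205afe553b7280def9c209f4dde43e262237c19e8dbea3",
    },
    "data.bin": {
        "score": "3/10",
        "md5": "94d7d9d8ff2e1f29e1ab7a906bbbf9c3",
        "sha1": "4fd3485f3ce162f3b35a87ef7e7fcfd510546ee0",
        "sha256": "2d83fb3f93c339ad34771c212586545dc3c7deb518ffde76411326fabf9725cf",
    },
    "g2m.dll": {
        "score": "3/10",
        "md5": "9e0c959df25e74c80dfa5adba4eaa5c7",
        "sha1": "9c5a3ed851e32617b1b294bb2c749a60988439d1",
        "sha256": "d1b14d951ccaafc14ab24992678b2fee915838bbc89a32944833268cbba10f68",
    },
    "install.exe": {
        "score": "10/10",
        "md5": "f1b14f71252de9ac763dbfbfbfc8c2dc",
        "sha1": "dcc2dcb26c1649887f1d5ae557a000b5fe34bb98",
        "sha256": "796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5",
    },
}

# Ordered weakest to strongest; the last matching entry names a hit.
ALGOS = ("md5", "sha1", "sha256")


def digest_file(path, algos=ALGOS, chunk_size=1 << 20):
    """Return {algo: hexdigest} for one file, reading it once in chunks."""
    hashers = {name: hashlib.new(name) for name in algos}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def build_index(iocs):
    """Map (algo, digest) -> target name for O(1) lookups per digest."""
    index = {}
    for target, fields in iocs.items():
        for algo in ALGOS:
            if algo in fields:
                index[(algo, fields[algo].lower())] = target
    return index


def sweep(root, iocs=REPORT_IOCS):
    """Walk `root`, hash every regular file and return a list of IOC hits.

    A hit that includes SHA-256 is marked confirmed. A hit on MD5 or SHA-1
    alone is still returned but left unconfirmed: collisions for both are
    practical, so a lone match can be a different file built to share the
    digest.
    """
    index = build_index(iocs)
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):  # skips broken symlinks, sockets
                continue
            try:
                digests = digest_file(path)
            except OSError:  # unreadable file; keep sweeping
                continue
            matched = [a for a in ALGOS if (a, digests[a]) in index]
            if not matched:
                continue
            strongest = matched[-1]
            target = index[(strongest, digests[strongest])]
            hits.append({
                "path": path,
                "target": target,
                "score": iocs[target]["score"],
                "matched": matched,
                "confirmed": "sha256" in matched,
            })
    return hits


if __name__ == "__main__":
    import sys

    for hit in sweep(sys.argv[1] if len(sys.argv) > 1 else "."):
        state = "CONFIRMED" if hit["confirmed"] else "weak"
        print(f'{state:9} {hit["target"]:12} score={hit["score"]:6} '
              f'via={",".join(hit["matched"])} {hit["path"]}')
```

Run it as `python3 sweep.py /path/to/scan`; each hit prints the matching target name and its report score, which algorithms matched, and the file path. Reading each file once and feeding all hashers from the same buffer keeps the cost at one pass per file regardless of how many digests the report supplies.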