Overview

overview

10

Static

static

3

sample.zip

windows7-x64

1

sample.zip

windows10-2004-x64

10

data.bin

windows7-x64

3

data.bin

windows10-2004-x64

3

g2m.dll

windows7-x64

1

g2m.dll

windows10-2004-x64

3

install.exe

windows7-x64

1

install.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sample.zip

  • Size

    578KB

  • Sample

    240612-ytgepssbnr

  • MD5

    c55250825f30449f652702f051208699

  • SHA1

    3ab01565330f64279cdf4a7aae5b1cdcd32a8ff4

  • SHA256

    5e89c6325b0661bfaa205afe553b7280def9c209f4dde43e262237c19e8dbea3

  • SHA512

    08838e8fab8a47a00b0f04edf2641a8ec0b0e36ffcf8f35b419dc1638be0f4eacd773f97d74776b4ec6006b63b0fbaf34f7fcfd2d117224496a76383483e1b47

  • SSDEEP

    12288:xRwEFAAy4K4W4P86Kz8C8LkpthvS0A4iwV:jwE9K4W4k6p/kpLjA7g

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      sample.zip

    • Size

      578KB

    • MD5

      c55250825f30449f652702f051208699

    • SHA1

      3ab01565330f64279cdf4a7aae5b1cdcd32a8ff4

    • SHA256

      5e89c6325b0661bfaa205afe553b7280def9c209f4dde43e262237c19e8dbea3

    • SHA512

      08838e8fab8a47a00b0f04edf2641a8ec0b0e36ffcf8f35b419dc1638be0f4eacd773f97d74776b4ec6006b63b0fbaf34f7fcfd2d117224496a76383483e1b47

    • SSDEEP

      12288:xRwEFAAy4K4W4P86Kz8C8LkpthvS0A4iwV:jwE9K4W4k6p/kpLjA7g

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

    • Target

      data.bin

    • Size

      385KB

    • MD5

      94d7d9d8ff2e1f29e1ab7a906bbbf9c3

    • SHA1

      4fd3485f3ce162f3b35a87ef7e7fcfd510546ee0

    • SHA256

      2d83fb3f93c339ad34771c212586545dc3c7deb518ffde76411326fabf9725cf

    • SHA512

      4ce02b4e56410f7ce069223187b2dffb7930d855dafa377df60c9b669f27002dd431f65bbc203130e5d88e2f060247e8b226ceae2b6f39082a58eb5c538ace0a

    • SSDEEP

      6144:xYRfxtyDDTO5qwPAAy+/g+OPGUCl085ceyrXIP7KwqGfcaqersiMsj:eRyEFAAyMA4C4P+6US7Msj

    Score
    3/10
    behavioral3behavioral4

    • Target

      g2m.dll

    • Size

      400KB

    • MD5

      9e0c959df25e74c80dfa5adba4eaa5c7

    • SHA1

      9c5a3ed851e32617b1b294bb2c749a60988439d1

    • SHA256

      d1b14d951ccaafc14ab24992678b2fee915838bbc89a32944833268cbba10f68

    • SHA512

      36520d6e61833ce446b4e9f01c065bc08f47e91a3125305c5d0fe27f01f2cc19be59c9b4eacc6f0b8fc74536b718decccc7aa1aac8e9de5e685d1893e10a786a

    • SSDEEP

      6144:Nt262Yh8H++Xz5YRa5bfpLECjVllx76r2xaP23O/d120:HIF+8Rx4CJTx76r2xaYOO

    Score
    3/10
    behavioral5behavioral6

    • Target

      install.exe

    • Size

      39KB

    • MD5

      f1b14f71252de9ac763dbfbfbfc8c2dc

    • SHA1

      dcc2dcb26c1649887f1d5ae557a000b5fe34bb98

    • SHA256

      796ea1d27ed5825e300c3c9505a87b2445886623235f3e41258de90ba1604cd5

    • SHA512

      636a32fb8a88a542783aa57fe047b6bca47b2bd23b41b3902671c4e9036c6dbb97576be27fd2395a988653e6b63714277873e077519b4a06cdc5f63d3c4224e0

    • SSDEEP

      768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Tasks