General
Target: 2024-06-19_81a91432728086f4e842b7548c663492_magniber_revil
Size: 58.5MB
Sample: 240619-lgghqasdpn
MD5: 81a91432728086f4e842b7548c663492
SHA1: 1159a7a62d0294f697aedd2331daa7068d39f163
SHA256: 4c55bb0be66138f9c0a14afe676b5f27bd5e51faf3116a5130e08ae810630ada
SHA512: c7f25fe90f73c0a9bb81bc60aa1e53409ac04306ffee1370a5f265eea388d7ca82b84340c0481c61a98c4c0987f154e8ef448cb2b52800e2f4a06f33abe46e83
SSDEEP: 1572864:hNpJfO/7sER9gQWwUPGxZH0Zfy7l41HJHvE5ZyDiEMKrM:hHwPDKDvMKA
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-19_81a91432728086f4e842b7548c663492_magniber_revil.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 2024-06-19_81a91432728086f4e842b7548c663492_magniber_revil.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 2024-06-19_81a91432728086f4e842b7548c663492_magniber_revil
Score: 10/10
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Suspicious use of NtCreateUserProcessOtherParentProcess
Adds Run key to start application