Overview

overview

10

Static

static

3

25eca29c2b...fb.exe

windows7-x64

10

25eca29c2b...fb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25eca29c2b8c8f74a4bbbe57cf02ec740063635ab45c4043184eaae7ae64defb

  • Size

    550KB

  • Sample

    240627-yg969azclr

  • MD5

    c9579061bc52d1d79e58f8c55a14635a

  • SHA1

    211b38575049b00d772c03f4968e5686b961c5a8

  • SHA256

    25eca29c2b8c8f74a4bbbe57cf02ec740063635ab45c4043184eaae7ae64defb

  • SHA512

    c73ce474100df0931b665e13fa6c243088d4349da10300d7b1ab422df066d12ef5e6235f5a8f4919e87d40747003ad357229058f473934f9b0eb3d7be0cbb2e6

  • SSDEEP

    6144:CqxhHcRlnPwc+me+x3aDOYD0VeXQLKYK8W8u2V+pz7tVPPhIYQQ36L7Zo+Oq5SNi:LxhywBDPieALxI20pVhPudN7Z/OvwQY

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      25eca29c2b8c8f74a4bbbe57cf02ec740063635ab45c4043184eaae7ae64defb

    • Size

      550KB

    • MD5

      c9579061bc52d1d79e58f8c55a14635a

    • SHA1

      211b38575049b00d772c03f4968e5686b961c5a8

    • SHA256

      25eca29c2b8c8f74a4bbbe57cf02ec740063635ab45c4043184eaae7ae64defb

    • SHA512

      c73ce474100df0931b665e13fa6c243088d4349da10300d7b1ab422df066d12ef5e6235f5a8f4919e87d40747003ad357229058f473934f9b0eb3d7be0cbb2e6

    • SSDEEP

      6144:CqxhHcRlnPwc+me+x3aDOYD0VeXQLKYK8W8u2V+pz7tVPPhIYQQ36L7Zo+Oq5SNi:LxhywBDPieALxI20pVhPudN7Z/OvwQY

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks