General
-
Target
SecuriteInfo.com.IL.Trojan.MSILZilla.35988.2096.4716.exe
-
Size
7.7MB
-
Sample
240628-mljpbavckg
-
MD5
72ed7e5d0e1e057c82495c58ad6374a1
-
SHA1
adad6b4da9619f376819ae9ef801f34c7ee933aa
-
SHA256
0c8f4278ca8efbac89ff48328b709d74c1ecdcd778f640959ed5edf6cf75a6b2
-
SHA512
8c071739eeb0323c2fe901240c94ee78b20aae039587e07be09ec039289be91ae39608b5933d1f69c7f6138b27ef972e63a3246738fbe9232499c1c403bd7e2f
-
SSDEEP
196608:NtwqyDjHxrF+7LQ5Xd0phh/qZjlWuPbkP8+AVI07nWFtFJDYCmy:zwN/xR7MYpPg0ZYPP
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.IL.Trojan.MSILZilla.35988.2096.4716.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.IL.Trojan.MSILZilla.35988.2096.4716.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.IL.Trojan.MSILZilla.35988.2096.4716.exe
-
Size
7.7MB
-
MD5
72ed7e5d0e1e057c82495c58ad6374a1
-
SHA1
adad6b4da9619f376819ae9ef801f34c7ee933aa
-
SHA256
0c8f4278ca8efbac89ff48328b709d74c1ecdcd778f640959ed5edf6cf75a6b2
-
SHA512
8c071739eeb0323c2fe901240c94ee78b20aae039587e07be09ec039289be91ae39608b5933d1f69c7f6138b27ef972e63a3246738fbe9232499c1c403bd7e2f
-
SSDEEP
196608:NtwqyDjHxrF+7LQ5Xd0phh/qZjlWuPbkP8+AVI07nWFtFJDYCmy:zwN/xR7MYpPg0ZYPP
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Suspicious use of SetThreadContext
-