General
-
Target
Software_Setup.exe
-
Size
63.9MB
-
Sample
240704-ynw8zaybqh
-
MD5
9ff7e52416b7d3ca8b7e035d4b15f60d
-
SHA1
ecf06e8679da62922f3d52d2b9e756ba311e4203
-
SHA256
ec4cd02feeae2e57341cb7ff396fac7d635c914775357b95a0ae3bb73ced8703
-
SHA512
974b9d2d21ffc0d780fb5bb531db3f4edf979e032e2b0fa9048310885fa7cac06fc138b4aa5a9d6bb19a7fc7676c72e98a9ba9c60b35428a699774b34af474af
-
SSDEEP
1572864:jDkFLa2/bDkFLa2/bDkFLa2/bDkFLa2/bDkFLa2/z:j6/6/6/6/6f
Static task
static1
Behavioral task
behavioral1
Sample
Software_Setup.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
Software_Setup.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
Software_Setup.exe
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-