rhadamanthys | 57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a
Size

343KB
Sample

230206-w2ql8sfc59
MD5

758a785ce8155a417d1cd33234d1062d
SHA1

6b6773fbc2b0fcd149d2ba7a17a6e0aa8ee407af
SHA256

57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a
SHA512

11b745bc22f6684d3bbc44a7072977f3ee45440260562aeb115883b72c84875f9ab7cdff33645a6931297c77b4e54e171f33e836874ed6097af7fd5b45be467d
SSDEEP

6144:C3XsdLOhkHuVmnk/JZcvQG/izPqyO2QwrBVuQj9Cv/ia:CsdCX5/TdG/izPFO2PrvljwS

Score

10^/10

rhadamanthys collection discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a.exe

Resource

win10v2004-20221111-en

rhadamanthys collection discovery spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a
- Size
  
  343KB
- MD5
  
  758a785ce8155a417d1cd33234d1062d
- SHA1
  
  6b6773fbc2b0fcd149d2ba7a17a6e0aa8ee407af
- SHA256
  
  57d471a6d9d5d24df56850b4d9351d3b0f86c31a9fef4676969435cbbdfb399a
- SHA512
  
  11b745bc22f6684d3bbc44a7072977f3ee45440260562aeb115883b72c84875f9ab7cdff33645a6931297c77b4e54e171f33e836874ed6097af7fd5b45be467d
- SSDEEP
  
  6144:C3XsdLOhkHuVmnk/JZcvQG/izPqyO2QwrBVuQj9Cv/ia:CsdCX5/TdG/izPFO2PrvljwS
Score

10^/10

rhadamanthys collection discovery spyware stealer
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Blocklisted process makes network request
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

rhadamanthyscollectiondiscoveryspywarestealer

© 2018-2024

Terms | Privacy