Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

4248d58d86cfd2a671e4323f57993f95e193c94d8c33ccb7219800bacefa95a6
Size

354KB
Sample

230319-czr8haee74
MD5

029df110444ab7746911e96d1febee72
SHA1

26e77a415e8daea0008f8fc48de5591ed69e5a8c
SHA256

4248d58d86cfd2a671e4323f57993f95e193c94d8c33ccb7219800bacefa95a6
SHA512

38b91ecd85efd99f7d45ed46fb6a8c310ed3e4468ebf2ec406025921fba82005a646c9ff04b3ef759ba089ad0e855deaf6950c5a02c82b95fceb4945d40904e7
SSDEEP

6144:Bu3LdQxK9Gf0mKGFIZzL/v2XxmXtYXOy5yeirYI/E:Bu3WaM0mJSYz5jYE

Score

10^/10

rhadamanthys stealer

Malware Config

Targets

- Target
  
  4248d58d86cfd2a671e4323f57993f95e193c94d8c33ccb7219800bacefa95a6
- Size
  
  354KB
- MD5
  
  029df110444ab7746911e96d1febee72
- SHA1
  
  26e77a415e8daea0008f8fc48de5591ed69e5a8c
- SHA256
  
  4248d58d86cfd2a671e4323f57993f95e193c94d8c33ccb7219800bacefa95a6
- SHA512
  
  38b91ecd85efd99f7d45ed46fb6a8c310ed3e4468ebf2ec406025921fba82005a646c9ff04b3ef759ba089ad0e855deaf6950c5a02c82b95fceb4945d40904e7
- SSDEEP
  
  6144:Bu3LdQxK9Gf0mKGFIZzL/v2XxmXtYXOy5yeirYI/E:Bu3WaM0mJSYz5jYE
Score

10^/10

rhadamanthys stealer
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

rhadamanthysstealer