rhadamanthys | a4d9c3176dda68e8a66b715ce7b8ebc257988e4849b25d05db02f6e166a3ac7b

Analysis

max time kernel
153s
max time network
153s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
05-05-2023 22:54

Target

a4d9c3176dda68e8a66b715ce7b8ebc257988e4849b25d05db02f6e166a3ac7b.exe
Size

364KB
MD5

71db6e1a0b3e7c01dc00d7034ced1383
SHA1

623ad13b91bf93ad3a369b044f6179e03c374f4e
SHA256

a4d9c3176dda68e8a66b715ce7b8ebc257988e4849b25d05db02f6e166a3ac7b
SHA512

e7053a57fc326cd13f0ab26b53ca192f1592c9cc67904390c173b0ad476cb2a632703b878ef48660e695fc8d332266b70096387669a764c80085eff8faad4c56
SSDEEP

3072:FnoqqDvZYjTqmd+pD/90tnP3QWqPDhT03f8GP2lTv/RzTVtnZYPpN6dFF2Q1CAJM:0GjTkDaYTbi8IIruhqdCOKUC2K

Score

10^/10

Family

rhadamanthys

http://179.43.142.201/img/favicon.png

Detect rhadamanthys stealer shellcode 5 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2124-128-0x0000000000C60000-0x0000000000C7C000-memory.dmp	family_rhadamanthys
behavioral1/memory/2124-129-0x0000000000C60000-0x0000000000C7C000-memory.dmp	family_rhadamanthys
behavioral1/memory/2124-130-0x0000000000C60000-0x0000000000C7C000-memory.dmp	family_rhadamanthys
behavioral1/memory/2124-131-0x0000000000C60000-0x0000000000C7C000-memory.dmp	family_rhadamanthys
behavioral1/memory/2124-133-0x0000000000C60000-0x0000000000C7C000-memory.dmp	family_rhadamanthys

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
stealer rhadamanthys

C:\Users\Admin\AppData\Local\Temp\a4d9c3176dda68e8a66b715ce7b8ebc257988e4849b25d05db02f6e166a3ac7b.exe
"C:\Users\Admin\AppData\Local\Temp\a4d9c3176dda68e8a66b715ce7b8ebc257988e4849b25d05db02f6e166a3ac7b.exe"
1⤵
PID:2124

memory/2124-122-0x0000000002430000-0x000000000245E000-memory.dmp

Filesize
184KB

Download
memory/2124-123-0x0000000000400000-0x00000000006D9000-memory.dmp

Filesize
2.8MB

Download
memory/2124-124-0x0000000002430000-0x000000000245E000-memory.dmp

Filesize
184KB

Download
memory/2124-125-0x0000000000400000-0x00000000006D9000-memory.dmp

Filesize
2.8MB

Download
memory/2124-128-0x0000000000C60000-0x0000000000C7C000-memory.dmp

Filesize
112KB

Download
memory/2124-129-0x0000000000C60000-0x0000000000C7C000-memory.dmp

Filesize
112KB

Download
memory/2124-130-0x0000000000C60000-0x0000000000C7C000-memory.dmp

Filesize
112KB

Download
memory/2124-131-0x0000000000C60000-0x0000000000C7C000-memory.dmp

Filesize
112KB

Download
memory/2124-132-0x0000000000400000-0x00000000006D9000-memory.dmp

Filesize
2.8MB

Download
memory/2124-133-0x0000000000C60000-0x0000000000C7C000-memory.dmp

Filesize
112KB

Download