rhadamanthys | 69e5fbde26db525e6d78615559928ce402232e950955efb1b4476d84bc8104ba

Analysis

max time kernel
144s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
06-05-2023 06:44

Target

69e5fbde26db525e6d78615559928ce402232e950955efb1b4476d84bc8104ba.exe
Size

364KB
MD5

ef678bfd78197b1e516d2163967c2112
SHA1

45ae3af34d368ec5388577a8c974b59cd1d67756
SHA256

69e5fbde26db525e6d78615559928ce402232e950955efb1b4476d84bc8104ba
SHA512

23399d6665dcdf24a8d86075dcd433fc5aaf6635b5f69c040831d17967611f6e45835402d1de6bb94f61447b0ca1cd06b2535fe574aef2c97f84ea4009b49a1f
SSDEEP

6144:rryloYE03wAyNsLdByj1P2ih/7Hz3aFTgn2hNKGJXiCPK:rrVYE0vyVpPHJTTeTjITCPK

Score

10^/10

Family

rhadamanthys

http://179.43.142.201/img/favicon.png

Detect rhadamanthys stealer shellcode 4 IoCs

Processes:

resource	yara_rule
behavioral1/memory/4860-138-0x0000000000870000-0x000000000088C000-memory.dmp	family_rhadamanthys
behavioral1/memory/4860-139-0x0000000000870000-0x000000000088C000-memory.dmp	family_rhadamanthys
behavioral1/memory/4860-141-0x0000000000870000-0x000000000088C000-memory.dmp	family_rhadamanthys
behavioral1/memory/4860-143-0x0000000000870000-0x000000000088C000-memory.dmp	family_rhadamanthys

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
stealer rhadamanthys

C:\Users\Admin\AppData\Local\Temp\69e5fbde26db525e6d78615559928ce402232e950955efb1b4476d84bc8104ba.exe
"C:\Users\Admin\AppData\Local\Temp\69e5fbde26db525e6d78615559928ce402232e950955efb1b4476d84bc8104ba.exe"
1⤵
PID:4860

memory/4860-134-0x0000000000760000-0x000000000078E000-memory.dmp

Filesize
184KB

Download
memory/4860-135-0x0000000000400000-0x00000000006D9000-memory.dmp

Filesize
2.8MB

Download
memory/4860-138-0x0000000000870000-0x000000000088C000-memory.dmp

Filesize
112KB

Download
memory/4860-139-0x0000000000870000-0x000000000088C000-memory.dmp

Filesize
112KB

Download
memory/4860-140-0x00000000001F0000-0x00000000001F2000-memory.dmp

Filesize
8KB

Download
memory/4860-141-0x0000000000870000-0x000000000088C000-memory.dmp

Filesize
112KB

Download
memory/4860-142-0x0000000000400000-0x00000000006D9000-memory.dmp

Filesize
2.8MB

Download
memory/4860-143-0x0000000000870000-0x000000000088C000-memory.dmp

Filesize
112KB

Download