rhadamanthys | 686f9d8e29ba0fd3e4285ecd2f85716bea5be6c3b6571c955c9f6ea9274dc9cf | Triage

Submit
Reports

Overview

overview

Static

static

3

2ee4b1df29...9f.exe

windows7-x64

2ee4b1df29...9f.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2ee4b1df29fe85c016c84d5855b0ec9f.exe
Size

1016KB
Sample

230717-lfw7sabg6z
MD5

2ee4b1df29fe85c016c84d5855b0ec9f
SHA1

3062e6dab48c12c1b66c63813f20a0fc86c79966
SHA256

686f9d8e29ba0fd3e4285ecd2f85716bea5be6c3b6571c955c9f6ea9274dc9cf
SHA512

467e227cc86a58e21d038f0b5bba19c229cc1b735199e0a65fba06d099a7c5201ffb50c41845bc115887b9700b592bdfaa65b496db4a02b579c537c9c6255f9a
SSDEEP

12288:aExUboCrf3E1zPXkbaEGJmtNjVu2q8OqdCB5GDdSUHrCAZWgAYhaoa6Wn4jfHh1:a3skbXG+NlOqFeA/BO6W4jp

Score

10^/10

rhadamanthys collection stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2ee4b1df29fe85c016c84d5855b0ec9f.exe

Resource

win7-20230712-en

rhadamanthys collection stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2ee4b1df29fe85c016c84d5855b0ec9f.exe

Resource

win10v2004-20230703-en

rhadamanthys collection stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2ee4b1df29fe85c016c84d5855b0ec9f.exe
- Size
  
  1016KB
- MD5
  
  2ee4b1df29fe85c016c84d5855b0ec9f
- SHA1
  
  3062e6dab48c12c1b66c63813f20a0fc86c79966
- SHA256
  
  686f9d8e29ba0fd3e4285ecd2f85716bea5be6c3b6571c955c9f6ea9274dc9cf
- SHA512
  
  467e227cc86a58e21d038f0b5bba19c229cc1b735199e0a65fba06d099a7c5201ffb50c41845bc115887b9700b592bdfaa65b496db4a02b579c537c9c6255f9a
- SSDEEP
  
  12288:aExUboCrf3E1zPXkbaEGJmtNjVu2q8OqdCB5GDdSUHrCAZWgAYhaoa6Wn4jfHh1:a3skbXG+NlOqFeA/BO6W4jp
Score

10^/10

rhadamanthys collection stealer
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthyscollectionstealer

behavioral2

rhadamanthyscollectionstealer

© 2018-2025

Terms | Privacy