rhadamanthys | 456ebef3ea4fd5820ebf1f96be5057967a020d7d1808a598dcda016a4629a00c | Triage

Sharing

General

Target

[GitHub]Project.rar
Size

5.5MB
Sample

240212-wgcvmsag5t
MD5

2d026b16e887d8ef8fd6bd93f70a1be0
SHA1

5e5eb7c04dbd84291f1baccaf7f25ea86b1adc57
SHA256

456ebef3ea4fd5820ebf1f96be5057967a020d7d1808a598dcda016a4629a00c
SHA512

13b43b2646b50e57d83f2b8c07238c3a98ff746e249f6339c9b208d44fa5580145778180dfa329892e2b4f612abfc2ae892bd2d4431f66532b1c90e0b87c032a
SSDEEP

98304:3Ddw3LdP2q7/OnsXinhRrJQS+5VURlZK0qXs6KKa2nVT9NWr:3Dd+J2O/AwGqMLZKHc6KDY9HW

Score

10^/10

rhadamanthys stealer

Malware Config

Targets

- Target
  
  Project/GitMultiLoader.exe
- Size
  
  42.7MB
- MD5
  
  5ec24905f80bb16b8844d440fd4ca921
- SHA1
  
  079f6782c79d633f3ac1288523d39fd5c6132df9
- SHA256
  
  eec6302b15fdbf92d7c6204f195246278aa2d7c54ed2eaf51f8298554ac75024
- SHA512
  
  10e3b37422b3d540f9435712ee94955df759ed1c404e35e708f0b6863ff2f8c4b1ff0fc084df10ffd805a9a9e633bb6110dc82d0d8d8d474439cd8a5b6fbfc55
- SSDEEP
  
  98304:YfCv+rScGQYPDofAKB1RYQpHd5nKRQGEaTmR3vNUkqh76n7EnVFG8TzIhX724Lks:Y7EsfAeHY0x7nbT9UsMaN6maSl
Score

10^/10

rhadamanthys stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  Project/opengl32.dll
- Size
  
  104KB
- MD5
  
  476b6a340b1d1de81f96c42cb94824a3
- SHA1
  
  ec0fda158e52f2c15d50ac559839262511396370
- SHA256
  
  c640ca6961bb3f90ee17ee2eab9b3ab66c76d0437408cde00bbcca58f8ccf0c7
- SHA512
  
  1df3ff41f1eab4267acf180aea00095d429190b00bbd65cbeeafe2ebd8fe964a4963709b9dd725a8aff963dcc1174295397ebcc11b0f19c08988855ab78f5790
- SSDEEP
  
  48:/44444444444444444444444444444444444444444444444444444444444444j:H
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysstealer

behavioral2