rhadamanthys | 718dc58c02f2c98eda1eae96c5bde5e0d71bf418c483fea0eea84645b4cafae6 | Triage

Submit
Reports

Overview

overview

Static

static

1

x32_x64_installer.zip

windows10-2004-x64

Resubmissions

26/03/2024, 12:12

240326-pdgk4acg7y 10

26/03/2024, 07:21

240326-h6368sdg63 10

Sharing

Copy URL Twitter E-mail

General

Target

x32_x64_installer.zip
Size

7.5MB
Sample

240326-pdgk4acg7y
MD5

4a218ac8f0118c6d82fe008c9f269974
SHA1

b8afa25df4f91708dbbde1d91dd83379e526e858
SHA256

718dc58c02f2c98eda1eae96c5bde5e0d71bf418c483fea0eea84645b4cafae6
SHA512

d41aa0a2d4d3e58a2e44ba965b079086752212c9cbf41f78e21505670076097a8edf6ed85c251fbb1fdc9aa07b11ad35aa3415c88ebad9f0ef031613c56725ab
SSDEEP

196608:WTAFvNx0/Xg8/h7jhWsTbXRamsx9z3pB0n:WT2SP1FhrcnrYn

Score

10^/10

rhadamanthys stealer

Static task

static1

Behavioral task

behavioral1

Sample

x32_x64_installer.zip

Resource

win10v2004-20240226-en

rhadamanthys stealer

windows10-2004-x64

22 signatures

600 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://iigggkkl.monster/newdrop.bs64

Targets

- Target
  
  x32_x64_installer.zip
- Size
  
  7.5MB
- MD5
  
  4a218ac8f0118c6d82fe008c9f269974
- SHA1
  
  b8afa25df4f91708dbbde1d91dd83379e526e858
- SHA256
  
  718dc58c02f2c98eda1eae96c5bde5e0d71bf418c483fea0eea84645b4cafae6
- SHA512
  
  d41aa0a2d4d3e58a2e44ba965b079086752212c9cbf41f78e21505670076097a8edf6ed85c251fbb1fdc9aa07b11ad35aa3415c88ebad9f0ef031613c56725ab
- SSDEEP
  
  196608:WTAFvNx0/Xg8/h7jhWsTbXRamsx9z3pB0n:WT2SP1FhrcnrYn
Score

10^/10

rhadamanthys stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysstealer

© 2018-2025

Terms | Privacy