rhadamanthys | 66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d | Triage

Submit
Reports

Overview

overview

Static

static

3

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d
Size

935KB
Sample

240418-2myxysgh99
MD5

e4fbe0286a7802d4a7cd91a3d55d9f3c
SHA1

320869f193d91388ae4c2337a91d7545ca0a201a
SHA256

66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d
SHA512

36acfe26eded83721d7d35d9441342ea8e6a61da20ded05493e4cf9a88995ad52dedbd81229f3d31f670adf058b3e1696e8359af60e59dca8db847cd54daad9b
SSDEEP

24576:GbTeCswwSe/fDyBvSGy45nJtYsf8J7f7VvgWncL3f5llrINn9Ra7I7:8vdwH/LyBvg+JKsf8JzFgWcDf5m9M7m

Score

10^/10

rhadamanthys stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d.exe

Resource

win7-20240221-en

rhadamanthys stealer

windows7-x64

12 signatures

300 seconds

Behavioral task

behavioral2

Sample

66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d.exe

Resource

win10-20240404-en

rhadamanthys stealer

windows10-1703-x64

13 signatures

300 seconds

Malware Config

Targets

- Target
  
  66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d
- Size
  
  935KB
- MD5
  
  e4fbe0286a7802d4a7cd91a3d55d9f3c
- SHA1
  
  320869f193d91388ae4c2337a91d7545ca0a201a
- SHA256
  
  66f138849b45ba75c5e99484739c990056387b676eeadf66e32f1f27dd6b9c6d
- SHA512
  
  36acfe26eded83721d7d35d9441342ea8e6a61da20ded05493e4cf9a88995ad52dedbd81229f3d31f670adf058b3e1696e8359af60e59dca8db847cd54daad9b
- SSDEEP
  
  24576:GbTeCswwSe/fDyBvSGy45nJtYsf8J7f7VvgWncL3f5llrINn9Ra7I7:8vdwH/LyBvg+JKsf8JzFgWcDf5m9M7m
Score

10^/10

rhadamanthys stealer
- Detects DLL dropped by Raspberry Robin.
  Raspberry Robin.
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Process Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

rhadamanthysstealer

behavioral2

rhadamanthysstealer

© 2018-2024

Terms | Privacy