rhadamanthys | 6e217c13ce7f7104b9e251f715ed0191d1c6751cd9c4b352320c0314fafbe57e | Triage

Sharing

General

Target

Unlimited_Crack.exe
Size

364KB
Sample

240420-2w46bscb38
MD5

1b8fb8b2b74de6c36c0bf69a0d2f5664
SHA1

8ea83f1e865a9486b7d9a715728af845db23f63c
SHA256

6e217c13ce7f7104b9e251f715ed0191d1c6751cd9c4b352320c0314fafbe57e
SHA512

84dc5ec442558e21bc316dd0745c44d1b57be65c2d8b3326d3c42808977960249ccd9836d7f5fc7e8a17b8d27bf6ebb9671c4a5908f9a1c74c66397ef8859898
SSDEEP

6144:49iJkovicebiNJ0mL2lvArd15G1Yct56vTN19z7yY2lg7mlm1gWnOayBsBGaCv/u:NhaPbiNJFLSAp15Qdsj952ymlxWnjLIu

Score

10^/10

rhadamanthys stealer

Malware Config

Targets

- Target
  
  Unlimited_Crack.exe
- Size
  
  364KB
- MD5
  
  1b8fb8b2b74de6c36c0bf69a0d2f5664
- SHA1
  
  8ea83f1e865a9486b7d9a715728af845db23f63c
- SHA256
  
  6e217c13ce7f7104b9e251f715ed0191d1c6751cd9c4b352320c0314fafbe57e
- SHA512
  
  84dc5ec442558e21bc316dd0745c44d1b57be65c2d8b3326d3c42808977960249ccd9836d7f5fc7e8a17b8d27bf6ebb9671c4a5908f9a1c74c66397ef8859898
- SSDEEP
  
  6144:49iJkovicebiNJ0mL2lvArd15G1Yct56vTN19z7yY2lg7mlm1gWnOayBsBGaCv/u:NhaPbiNJFLSAp15Qdsj952ymlxWnjLIu
Score

10^/10

rhadamanthys stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

rhadamanthysstealer

behavioral2

behavioral3

rhadamanthysstealer

behavioral4

rhadamanthysstealer

behavioral5

rhadamanthysstealer