rhadamanthys | 256a3dd27e87579fde86b0fb83f3952d6bd62a526056b52f2f7ffc3623bbedd7 | Triage

Submit
Reports

Overview

overview

Static

static

1

BloxFlipPredictor.rar

windows7-x64

BloxFlipPredictor.rar

windows10-2004-x64

7

Sharing

General

Target

BloxFlipPredictor.rar
Size

9.9MB
Sample

240421-a2skyaed26
MD5

3ca322ae6e2427b6ec5d29fc24ae87b6
SHA1

66dcbd5050095378bc079e9ce5964ebf5d33371d
SHA256

256a3dd27e87579fde86b0fb83f3952d6bd62a526056b52f2f7ffc3623bbedd7
SHA512

1ac48569e5258ed03509ac43eb544289f94971f8ded07d5b0d973fd482a8c25b33dd8d53e98786860618aeca01270b968f3f8cbf15e6bbc059abc2d1dbd61fb2
SSDEEP

196608:EQgg15pM+bCAO4dUstVrJBTALX40+Sk6qECDvd1I2RYVxshYB82ED3aIjroV:lgb6bVVrJBK5JAPI8YVShDdDK8oV

Score

10^/10

rhadamanthys stealer

Static task

static1

Behavioral task

behavioral1

Sample

BloxFlipPredictor.rar

Resource

win7-20240221-en

rhadamanthys stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

BloxFlipPredictor.rar

Resource

win10v2004-20240412-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  BloxFlipPredictor.rar
- Size
  
  9.9MB
- MD5
  
  3ca322ae6e2427b6ec5d29fc24ae87b6
- SHA1
  
  66dcbd5050095378bc079e9ce5964ebf5d33371d
- SHA256
  
  256a3dd27e87579fde86b0fb83f3952d6bd62a526056b52f2f7ffc3623bbedd7
- SHA512
  
  1ac48569e5258ed03509ac43eb544289f94971f8ded07d5b0d973fd482a8c25b33dd8d53e98786860618aeca01270b968f3f8cbf15e6bbc059abc2d1dbd61fb2
- SSDEEP
  
  196608:EQgg15pM+bCAO4dUstVrJBTALX40+Sk6qECDvd1I2RYVxshYB82ED3aIjroV:lgb6bVVrJBK5JAPI8YVShDdDK8oV
Score

10^/10

rhadamanthys stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

rhadamanthysstealer

behavioral2

© 2018-2024

Terms | Privacy