General
-
Target
http://notlonso.com
-
Sample
240425-lm5shahe3s
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://notlonso.com
Resource
win11-20240412-en
windows11-21h2-x64
17 signatures
1200 seconds
Malware Config
Targets
-
-
Target
http://notlonso.com
Score10/10-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Downloads MZ/PE file
-
Identifies hardware specifics through system_profiler
-
Executes dropped EXE
-
File Permission
Adversaries may modify file permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-