rhadamanthys | 210d9fae2a34b9d739b856ef0bce06be2b07f22e58ca31607cd6c1220414d087 | Triage

Sharing

General

Target

63ea2f27cb0282aa156eb7f4221a7100N.exe
Size

5.4MB
Sample

240802-gm7vmszarp
MD5

63ea2f27cb0282aa156eb7f4221a7100
SHA1

d272dd6959f11a12756cc0c57bcbf5fd5452d72f
SHA256

210d9fae2a34b9d739b856ef0bce06be2b07f22e58ca31607cd6c1220414d087
SHA512

2d1ebc2acd74502b3f1fe2764e2e4fdf049a416d4beb6ca1d1be5af90ec6db545dadce67cf3d9e3a6823f9dff04b61c7ef87f6e11b653844cb9de97b6d506321
SSDEEP

98304:s5LmpFg5UPPKBmiHT+ohK+sRp0OxCMR3VBZOPZ8UDCceWKwj:SLmp8BmiHD8djBZOaOE6j

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Targets

- Target
  
  63ea2f27cb0282aa156eb7f4221a7100N.exe
- Size
  
  5.4MB
- MD5
  
  63ea2f27cb0282aa156eb7f4221a7100
- SHA1
  
  d272dd6959f11a12756cc0c57bcbf5fd5452d72f
- SHA256
  
  210d9fae2a34b9d739b856ef0bce06be2b07f22e58ca31607cd6c1220414d087
- SHA512
  
  2d1ebc2acd74502b3f1fe2764e2e4fdf049a416d4beb6ca1d1be5af90ec6db545dadce67cf3d9e3a6823f9dff04b61c7ef87f6e11b653844cb9de97b6d506321
- SSDEEP
  
  98304:s5LmpFg5UPPKBmiHT+ohK+sRp0OxCMR3VBZOPZ8UDCceWKwj:SLmp8BmiHD8djBZOaOE6j
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

rhadamanthysdiscoverystealer