rhadamanthys | 5d94282522c59df310e1355dea5e28c4085f08c8dc2738629550bbb9404bf6d3 | Triage

Submit
Reports

Overview

overview

Static

static

3

35ed65d991...97.exe

windows10-2004-x64

Sharing

General

Target

18505459239.zip
Size

916KB
Sample

240807-ltrt8azele
MD5

e3fba0aee1193f7ddfb5f4783b1c7474
SHA1

9f6ed2a8c27637c935153a586ae5fa7a67db3949
SHA256

5d94282522c59df310e1355dea5e28c4085f08c8dc2738629550bbb9404bf6d3
SHA512

afd8d71fa446a539cbd8b5edb42b7fd15ab5e64766fb4502b67e606bacdd7238ee60ff05cf74f9d673f0423f8860152c3f14588ffe9edfcc005416ae7f80ef42
SSDEEP

24576:jtE78j8Gv/bPZsU34WCSI4IGS2AXM/HRWX0PSSu2Q0LSE9Q:e8j8GvzBsU3iXM/MXGS0/Q

Score

10^/10

rhadamanthys discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297.exe

Resource

win10v2004-20240802-en

rhadamanthys discovery stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297
- Size
  
  934KB
- MD5
  
  7def16e0ceea0ad69d53e0e636541dd9
- SHA1
  
  92080bb5ad272cf69f69aa0588856cda4b4b1c28
- SHA256
  
  35ed65d9919843300db648bf93ae57d7330095eb1ce18d6c6050db88a2e4f297
- SHA512
  
  9616fb69ed3fd6d59ae060a671c5af86f0d7e1a4e6f8436a9c7244928a2bb1f0a76ec4f1968f77180141493c16a4e1090faf8786ead929c3bd3812f2e09e596a
- SSDEEP
  
  24576:gbVB9BI+CacE07NGWx1G0MEL2XH09GIGiSUS00dpf:qVrIacF7dnMBXU9GIzSUlypf
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

© 2018-2025

Terms | Privacy