rhadamanthys | 8161fb4c042aac76e73980d52138488cbb52b0581a34ea312510e3af3413a0c9 | Triage

Submit
Reports

Overview

overview

Static

static

7

download.exe

windows7-x64

download.exe

windows10-2004-x64

Sharing

General

Target

download.exe
Size

230KB
Sample

240905-s4ljhstekm
MD5

a7e0c20da5405e04b80b5c6a70c21ef5
SHA1

ce2cecc7bef86a654ad0861255c0c829bdba0a1b
SHA256

8161fb4c042aac76e73980d52138488cbb52b0581a34ea312510e3af3413a0c9
SHA512

fc216893f5a73fd343d7896eb73a728eab82c24cb8370c0f4584555b8ce434e43a69b8e317262113d3566296031a52a3dbcf77412d4cb0624e4d29ed39978eb5
SSDEEP

6144:KOqDycyyVJP4E2t+3ydnJhU9vWtrvz3w:Fmyc9UE2t++h6v2/g

Score

10^/10

rhadamanthys stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

download.exe

Resource

win7-20240903-en

rhadamanthys stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

download.exe

Resource

win10v2004-20240802-en

rhadamanthys stealer upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  download.exe
- Size
  
  230KB
- MD5
  
  a7e0c20da5405e04b80b5c6a70c21ef5
- SHA1
  
  ce2cecc7bef86a654ad0861255c0c829bdba0a1b
- SHA256
  
  8161fb4c042aac76e73980d52138488cbb52b0581a34ea312510e3af3413a0c9
- SHA512
  
  fc216893f5a73fd343d7896eb73a728eab82c24cb8370c0f4584555b8ce434e43a69b8e317262113d3566296031a52a3dbcf77412d4cb0624e4d29ed39978eb5
- SSDEEP
  
  6144:KOqDycyyVJP4E2t+3ydnJhU9vWtrvz3w:Fmyc9UE2t++h6v2/g
Score

10^/10

rhadamanthys stealer upx
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

rhadamanthysstealerupx

behavioral2

rhadamanthysstealerupx

© 2018-2024

Terms | Privacy