rhadamanthys | dd2eb9d22643740f44a63da407921b8dc80f5c539995087825fc9c10e69d4de7 | Triage

Sharing

General

Target

2024-09-06_aeaebc8cffa9107b578085fabe1e322f_magniber_revil_rhadamanthys
Size

70.4MB
Sample

240906-lb8p1syepa
MD5

aeaebc8cffa9107b578085fabe1e322f
SHA1

2c8f6f856f95011e7e7b07750eaa1e62b0e2bccf
SHA256

dd2eb9d22643740f44a63da407921b8dc80f5c539995087825fc9c10e69d4de7
SHA512

6947290e93a277458ffc62c79d2458e3b7fcd782090052a0a9c1ac396ccc38fd48d2b208f979242229b3f894748a882aec43e06a55feba3d4bb3d1e098ee6147
SSDEEP

1572864:FoxuVkox/ETpYcqn1GRa6CzAYhYbinNSMpZ5KcR8UqCIayPlDI:uMpovG

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Targets

- Target
  
  2024-09-06_aeaebc8cffa9107b578085fabe1e322f_magniber_revil_rhadamanthys
- Size
  
  70.4MB
- MD5
  
  aeaebc8cffa9107b578085fabe1e322f
- SHA1
  
  2c8f6f856f95011e7e7b07750eaa1e62b0e2bccf
- SHA256
  
  dd2eb9d22643740f44a63da407921b8dc80f5c539995087825fc9c10e69d4de7
- SHA512
  
  6947290e93a277458ffc62c79d2458e3b7fcd782090052a0a9c1ac396ccc38fd48d2b208f979242229b3f894748a882aec43e06a55feba3d4bb3d1e098ee6147
- SSDEEP
  
  1572864:FoxuVkox/ETpYcqn1GRa6CzAYhYbinNSMpZ5KcR8UqCIayPlDI:uMpovG
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

behavioral2

rhadamanthysdiscoverystealer