rhadamanthys | 528f6c8f0c5d2399ea77e134bb4b4ab72883b4a8abe45e51dcef0e4abce0ce7e | Triage

Sharing

General

Target

528f6c8f0c5d2399ea77e134bb4b4ab72883b4a8abe45e51dcef0e4abce0ce7e.exe
Size

448KB
Sample

240914-bvw58a1ajb
MD5

3b2ed8806b436e170c3576b528635a46
SHA1

64ff3f68fd0d657cd8bd4a8088d211f58c32a96d
SHA256

528f6c8f0c5d2399ea77e134bb4b4ab72883b4a8abe45e51dcef0e4abce0ce7e
SHA512

9a9995d92211969e54b93b013c282c51022cfdba25fb0b583730c662d254fdf29767dee8da28026a5f75ac0e9975e5c7389e6437b464217623a9dc28aa9f0bb9
SSDEEP

6144:nC5hyUR+MhyfUj6qfoEXYfIrvQ/zabJzYbLkBWBXpMcwLbjJgSqtUg83T36XE24r:v+BoEmID/mQmpMcmSSIU16XE2e5L

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://deadmunky.nl:5403/68efc67ee981034e6b329438/4erkxm8j.nrqet

Targets

- Target
  
  528f6c8f0c5d2399ea77e134bb4b4ab72883b4a8abe45e51dcef0e4abce0ce7e.exe
- Size
  
  448KB
- MD5
  
  3b2ed8806b436e170c3576b528635a46
- SHA1
  
  64ff3f68fd0d657cd8bd4a8088d211f58c32a96d
- SHA256
  
  528f6c8f0c5d2399ea77e134bb4b4ab72883b4a8abe45e51dcef0e4abce0ce7e
- SHA512
  
  9a9995d92211969e54b93b013c282c51022cfdba25fb0b583730c662d254fdf29767dee8da28026a5f75ac0e9975e5c7389e6437b464217623a9dc28aa9f0bb9
- SSDEEP
  
  6144:nC5hyUR+MhyfUj6qfoEXYfIrvQ/zabJzYbLkBWBXpMcwLbjJgSqtUg83T36XE24r:v+BoEmID/mQmpMcmSSIU16XE2e5L
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

behavioral2

rhadamanthysdiscoverystealer