rhadamanthys | 054364f58a17ec336ad19906082bb054b565f38de455d89f51ed02e290c75a72 | Triage

Sharing

General

Target

SetLoader.exe
Size

35.9MB
Sample

240914-tkb2easdlr
MD5

eb142f56ed73c4cce280fc3f3493429a
SHA1

e1ce2464864482703abded9cbed4aaabc638a113
SHA256

054364f58a17ec336ad19906082bb054b565f38de455d89f51ed02e290c75a72
SHA512

75c97a01fe3963939233214093c419fdc3fc561e35e8884ee221e4dced3bab1baa9c4ed2fec6a95517de794728df1eef0e533357b16b719480aa7692910779c2
SSDEEP

393216:f1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfd:fMguj8Q4VfvPqFTrYC

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Targets

- Target
  
  SetLoader.exe
- Size
  
  35.9MB
- MD5
  
  eb142f56ed73c4cce280fc3f3493429a
- SHA1
  
  e1ce2464864482703abded9cbed4aaabc638a113
- SHA256
  
  054364f58a17ec336ad19906082bb054b565f38de455d89f51ed02e290c75a72
- SHA512
  
  75c97a01fe3963939233214093c419fdc3fc561e35e8884ee221e4dced3bab1baa9c4ed2fec6a95517de794728df1eef0e533357b16b719480aa7692910779c2
- SSDEEP
  
  393216:f1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfd:fMguj8Q4VfvPqFTrYC
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

rhadamanthysdiscoverystealer