rhadamanthys | cc8b0af0cd9c2a09c33e266729d526f64e147901710140596942726c68ca820f | Triage

Submit
Reports

Overview

overview

Static

static

exe_unpacked.exe

windows10-1703-x64

Sharing

General

Target

exe_unpacked
Size

355KB
Sample

240923-k5827stcln
MD5

5f54a6ca1c53aa63bd083c3a5e24569b
SHA1

7b0e3f1b7572569a0f5473cc3bbdbe0122a9616c
SHA256

cc8b0af0cd9c2a09c33e266729d526f64e147901710140596942726c68ca820f
SHA512

80c97da20b7ff87460973a2dac8ab8b4d44fea1c26f81ad48936bfdb72c30a0c6174154aff1533ad4d2d806d7adcd06d164bea67ffdeb0c39978131841efe39b
SSDEEP

6144:g2qezd2ab1/RuHk+M3k8M3W7XomjOJCqshrOlumY6DMIewgxQfqJsb:gf2R/EEkCQFYDwRq+

Score

10^/10

rhadamanthys discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

exe_unpacked.exe

Resource

win10-20240404-en

rhadamanthys discovery stealer

windows10-1703-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

rhadamanthys

C2

https://deadmunky.nl:5403/68efc67ee981034e6b329438/h7bgh43h.758up

Targets

- Target
  
  exe_unpacked
- Size
  
  355KB
- MD5
  
  5f54a6ca1c53aa63bd083c3a5e24569b
- SHA1
  
  7b0e3f1b7572569a0f5473cc3bbdbe0122a9616c
- SHA256
  
  cc8b0af0cd9c2a09c33e266729d526f64e147901710140596942726c68ca820f
- SHA512
  
  80c97da20b7ff87460973a2dac8ab8b4d44fea1c26f81ad48936bfdb72c30a0c6174154aff1533ad4d2d806d7adcd06d164bea67ffdeb0c39978131841efe39b
- SSDEEP
  
  6144:g2qezd2ab1/RuHk+M3k8M3W7XomjOJCqshrOlumY6DMIewgxQfqJsb:gf2R/EEkCQFYDwRq+
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

© 2018-2024

Terms | Privacy