rhadamanthys | b0f1b0fdf69a3465c8fa29905a4ae69e4d28d9e916619f6034787a9d684db796 | Triage

Sharing

General

Target

setup.exe
Size

433KB
Sample

241002-jameaaxgmc
MD5

afb79f1d95495834c928ccffcf8f4e5e
SHA1

c0ffe0908b25d5de8428a198ef0d1e6c475c99c0
SHA256

b0f1b0fdf69a3465c8fa29905a4ae69e4d28d9e916619f6034787a9d684db796
SHA512

55f566cf6624e7f542875cdb7565f4d12b8b05b6a7d6e31a02de83a212cbde9de33c0d41a80dba5397a77a326919306f6edfd884ae8b7f277a855703b672ecfa
SSDEEP

6144:Wz7IqYQ4hHqRCUGHlirkPQ7NfKqQkgJjqSeTSAym9X39zDb/Eq4h0p2SepdRKL5G:q5iKDSABhiqQTJOSqS5mHS0pfexKdG

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://135.181.4.162:2423/97e9fc994198e76/rt8egk5u.wu267

Targets

- Target
  
  setup.exe
- Size
  
  433KB
- MD5
  
  afb79f1d95495834c928ccffcf8f4e5e
- SHA1
  
  c0ffe0908b25d5de8428a198ef0d1e6c475c99c0
- SHA256
  
  b0f1b0fdf69a3465c8fa29905a4ae69e4d28d9e916619f6034787a9d684db796
- SHA512
  
  55f566cf6624e7f542875cdb7565f4d12b8b05b6a7d6e31a02de83a212cbde9de33c0d41a80dba5397a77a326919306f6edfd884ae8b7f277a855703b672ecfa
- SSDEEP
  
  6144:Wz7IqYQ4hHqRCUGHlirkPQ7NfKqQkgJjqSeTSAym9X39zDb/Eq4h0p2SepdRKL5G:q5iKDSABhiqQTJOSqS5mHS0pfexKdG
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

behavioral2

rhadamanthysdiscoverystealer