rhadamanthys | 3c1f47ab0374dbb60884306c5556050e9d10ba75c6bca63d09ae49b2940878ac | Triage

Sharing

General

Target

ANUBIS-Best-HWID-spoofer-main.zip
Size

4.0MB
Sample

241006-csmpfavamb
MD5

7c9b5ee905e3fb741e7b9e988d4572c1
SHA1

c9b7f1fbffa3375c81cdacc238ebbc527f68d1f1
SHA256

3c1f47ab0374dbb60884306c5556050e9d10ba75c6bca63d09ae49b2940878ac
SHA512

bdc987f1d602dc9defcec11b4b43713c6b4c4c90a57834448a376a06ab8735d9642438220a23cd37daaaf72952288c99317bf93c05f23365a8b2ff4f4083953a
SSDEEP

98304:HlGsTi4l2bNvOewSd+GapwfEJvaMU+GDElZz+ACq2JKsH8vp:HQsueM2OoVR0r25C3+

Score

10^/10

rhadamanthys defense_evasion discovery stealer

Malware Config

Targets

- Target
  
  ANUBIS-Best-HWID-spoofer-main/Anubis.exe
- Size
  
  1.2MB
- MD5
  
  c2adb7ff42f1c961035f17bad5bee12d
- SHA1
  
  e2ae36539f9ff88e8a89d750e99d15ea6e84f0dc
- SHA256
  
  4b350ae0b85aa7f7818e37e3f02397cd3667af8d62eb3132fb3297bd96a0abe2
- SHA512
  
  16413f90689cfa3fc509637bea54634ead1bba7f89d621bbc8096279f2413cd3477142a63becfa457e5756583c34049699ab1e960d1133dad2f72e3325ecb348
- SSDEEP
  
  24576:uDDgbYd14JwD00GR/L4Sgh5ovGpuIGPBgyjhgQJ8L/inWS:gcbILXoO3p9GP6ydk/inWS
Score

10^/10

rhadamanthys defense_evasion discovery stealer
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Executes dropped EXE
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
behavioral1
- Target
  
  ANUBIS-Best-HWID-spoofer-main/spooferconfig.dll
- Size
  
  6.0MB
- MD5
  
  f553ad722875c02d5b45f5c975ceb771
- SHA1
  
  867f41aa5b67cf7e15e3efe6cb4360f8f415fa6e
- SHA256
  
  35f12093577d9c58fe7858ca26a935aaf409269057a9a8bdf975693d6dfe208a
- SHA512
  
  041924f9a64d626d1a3b7111de968f11cc08d384b9dcd47e832744bc195d71d6f58bf06cc9f14fcf31a2f1490230779d9a1afd70e8eb836424fd14d59e6f663b
- SSDEEP
  
  49152:Z9EWdahQOLgGyX6lRu6vz3ZLZh/qNwffAj3g/bTqSk6Fi0Lp5eo0Jvn:DaNFz3Z3/lgQ/6Sj5wv
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdefense_evasiondiscoverystealer

behavioral2