rhadamanthys | 88cb7c954db8b07a3c50405f106a13327811a476b8640b8c04a2b2952fcee84d | Triage

Submit
Reports

Overview

overview

Static

static

1

rhada_pwsh.txt

windows10-2004-x64

Resubmissions

07-10-2024 17:00

241007-vjaydszgnk 10

07-10-2024 16:55

241007-vfa4zsthjf 1

07-10-2024 16:31

241007-t1gxlatfrf 1

07-10-2024 16:22

241007-tvn4qazeqr 10

Sharing

General

Target

rhada_pwsh.txt
Size

472KB
Sample

241007-vjaydszgnk
MD5

499f45aaf086179501deec2015d2f13c
SHA1

a8f8fd84721a4ed88f70c3680970a99c53c5eddc
SHA256

88cb7c954db8b07a3c50405f106a13327811a476b8640b8c04a2b2952fcee84d
SHA512

b8866b50a53e6983c79806b5a3c8e114654b7511ddafdf1eac582ae86695a2fbcb9fa1f5500b8e6cb98cd898a469daf14586a9fc76075865d9d3477c9791158c
SSDEEP

12288:1CQgw6wrf68klS1+t/WPwqwp1pQbQFtw1nT3DCOLZLtomL:1C/w6we8qY3wTpQmtEnT3DVjZ

Score

10^/10

rhadamanthys stealer

Static task

static1

Behavioral task

behavioral1

Sample

rhada_pwsh.txt

Resource

win10v2004-20241007-en

rhadamanthys stealer

windows10-2004-x64

7 signatures

30 seconds

Malware Config

Extracted

Family

rhadamanthys

C2

https://indscpm.xyz/bbb76d0e13310f0/b91e92i9.75aq5

Targets

- Target
  
  rhada_pwsh.txt
- Size
  
  472KB
- MD5
  
  499f45aaf086179501deec2015d2f13c
- SHA1
  
  a8f8fd84721a4ed88f70c3680970a99c53c5eddc
- SHA256
  
  88cb7c954db8b07a3c50405f106a13327811a476b8640b8c04a2b2952fcee84d
- SHA512
  
  b8866b50a53e6983c79806b5a3c8e114654b7511ddafdf1eac582ae86695a2fbcb9fa1f5500b8e6cb98cd898a469daf14586a9fc76075865d9d3477c9791158c
- SSDEEP
  
  12288:1CQgw6wrf68klS1+t/WPwqwp1pQbQFtw1nT3DCOLZLtomL:1C/w6we8qY3wTpQmtEnT3DVjZ
Score

10^/10

rhadamanthys stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

rhadamanthysstealer

© 2018-2024

Terms | Privacy