Extracted

• • Target

    test.ps1

  • Size

    702B

  • MD5

    b629e4a76638f91a67059188d07e27f6

  • SHA1

    42b37211578e971c684b493c8b604874518652e3

  • SHA256

    b4dabf844bceeb5b1fa448549735296b4bdf289f346f960228d52a7a09e35ea1

  • SHA512

    e11cd5638890756787640c60cd6beaa8a61a6998d1077010da6f0b5f32bd67e176b09d984948cabd68ae2fa6fd9408a44360f0911d93fa205b7821af43b5784c

  Score

  10^/10

  executionrhadamanthysstealer

  • Rhadamanthys

    Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    stealerrhadamanthys

  • Rhadamanthys family

    rhadamanthys

  • Suspicious use of NtCreateUserProcessOtherParentProcess

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2