5219f7c44533b422bb083855401a3beb2b55e29b03cc739f18540bdcf361f31d

Analysis

max time kernel
0s
max time network
0s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
15-10-2024 02:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Rhadamanthys-Stealer-main/usr/local/rhadamanthys/bin/rhadamanthys
Size

17.3MB
MD5

4c64e9a16fbac9170fcc5c18a7dc94c2
SHA1

5a86525e83d74d324266e44dc415f393c0d1a8df
SHA256

89c443d3ecdd923419be66119a486a0016c9812c022ad538a84c0f16bdff6ff0
SHA512

29bd775e247c2e442e3d229cbae8889fdaf83623692798ab45f19a5ead6fe401bdc3ee6f99fa6006cbc255d0c7f8940e7b8f8954db59337693a797bb16d002fa
SSDEEP

98304:yv3umbcyOzMqjLoj1bbPpgISKhw/Om1Ac3ynITjcZyhRu45RNB2I7lzkczuEleZl:PQbb+ce//le1yvgA7Tdre+/xCkeF

Score

3^/10

discovery

Malware Config

Signatures

Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

discovery

System Information Discovery

T1082

description	ioc	Process
File opened for reading	/sys/kernel/mm/transparent_hugepage/hpage_pmd_size	rhadamanthys

/tmp/Rhadamanthys-Stealer-main/usr/local/rhadamanthys/bin/rhadamanthys
/tmp/Rhadamanthys-Stealer-main/usr/local/rhadamanthys/bin/rhadamanthys
1⤵
- Enumerates kernel/hardware configuration
PID:2417

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads