rhadamanthys | 1b7d670fcf08ef982ebf0eacd19f4242d75216b5f3ad754b48eb7def379c2e16 | Triage

Submit
Reports

Overview

overview

Static

static

1

Promo Cont...ON.exe

windows11-21h2-x64

Sharing

General

Target

Promo Contract for partners WEB VERSION.exe
Size

673.3MB
Sample

241030-vjexcawqb1
MD5

39143e9f9467951d7481c92f9b47bb94
SHA1

3f90c3c3024ad5a14de664692671177f707b890f
SHA256

1b7d670fcf08ef982ebf0eacd19f4242d75216b5f3ad754b48eb7def379c2e16
SHA512

e2a88feb46c95f9f34b00293ec465919ec492191c07cc96181e7e65e9d9ab16f4fc3828d37a5b53a52ad7dfea2b2c13d498c9344b02328e19a3b9270a68593a4
SSDEEP

98304:4KxPH1rO5v4CRsJHOj8GxN28jJnMW4SNGXc3f:4GV65v4NF+818VnMW4Ts3f

Score

10^/10

rhadamanthys discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

Promo Contract for partners WEB VERSION.exe

Resource

win11-20241007-fr

rhadamanthys discovery stealer

windows11-21h2-x64

18 signatures

150 seconds

Malware Config

Extracted

Family

rhadamanthys

C2

https://79.137.205.215:443/9b6ab5e6833f57f95b/ev08gahp.er889

Targets

- Target
  
  Promo Contract for partners WEB VERSION.exe
- Size
  
  673.3MB
- MD5
  
  39143e9f9467951d7481c92f9b47bb94
- SHA1
  
  3f90c3c3024ad5a14de664692671177f707b890f
- SHA256
  
  1b7d670fcf08ef982ebf0eacd19f4242d75216b5f3ad754b48eb7def379c2e16
- SHA512
  
  e2a88feb46c95f9f34b00293ec465919ec492191c07cc96181e7e65e9d9ab16f4fc3828d37a5b53a52ad7dfea2b2c13d498c9344b02328e19a3b9270a68593a4
- SSDEEP
  
  98304:4KxPH1rO5v4CRsJHOj8GxN28jJnMW4SNGXc3f:4GV65v4NF+818VnMW4Ts3f
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Rhadamanthys family
  rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

© 2018-2025

Terms | Privacy