rhadamanthys | bd86b97948754903efe08cdb8b90c045e2fd10b6a7be88f94453e2489b2313c3 | Triage

Resubmissions

25-11-2024 11:57

241125-n4tsns1rgp 10

01-08-2024 04:23

240801-ezyfmawdpb 3

Sharing

General

Target

bd86b97948754903efe08cdb8b90c045e2fd10b6a7be88f94453e2489b2313c3
Size

424KB
Sample

241125-n4tsns1rgp
MD5

c0d3dcfbd7b9aa18dd4a20aeaa6bf7c5
SHA1

722589fcc3eaba02dcefcc56d38519f2e5c76dc1
SHA256

bd86b97948754903efe08cdb8b90c045e2fd10b6a7be88f94453e2489b2313c3
SHA512

99be05bafd2c5fce3c029a70a8f14a1a519c8dff242041a543d2c62c4d119b164d5d400fe3a2fb078330d4662bce97f53370a34340d62a4b767e4250cd830d94
SSDEEP

6144:RAYM3ZEWqf/qwPF7LR5W8ZJ74zmRiOFBbMh9q/JSq3ChNeK06iiRzmi0F9:RWBqf/qq3R5W8ZB4zmRzbatsViRUF9

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://109.120.176.41:4394/b354743999779/gumweb0s.39um3

Targets

- Target
  
  bd86b97948754903efe08cdb8b90c045e2fd10b6a7be88f94453e2489b2313c3
- Size
  
  424KB
- MD5
  
  c0d3dcfbd7b9aa18dd4a20aeaa6bf7c5
- SHA1
  
  722589fcc3eaba02dcefcc56d38519f2e5c76dc1
- SHA256
  
  bd86b97948754903efe08cdb8b90c045e2fd10b6a7be88f94453e2489b2313c3
- SHA512
  
  99be05bafd2c5fce3c029a70a8f14a1a519c8dff242041a543d2c62c4d119b164d5d400fe3a2fb078330d4662bce97f53370a34340d62a4b767e4250cd830d94
- SSDEEP
  
  6144:RAYM3ZEWqf/qwPF7LR5W8ZJ74zmRiOFBbMh9q/JSq3ChNeK06iiRzmi0F9:RWBqf/qq3R5W8ZB4zmRzbatsViRUF9
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Rhadamanthys family
  rhadamanthys
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer