rhadamanthys | 57939197bad88b1f26555826a1de37b5527483a5583745cd614aff349cb41ea4 | Triage

Submit
Reports

Overview

overview

Static

static

57939197ba...a4.exe

windows10-2004-x64

Resubmissions

27-11-2024 10:05

241127-l4hpasypes 10

19-09-2023 18:33

230919-w7cbssbb9w 10

Sharing

General

Target

57939197bad88b1f26555826a1de37b5527483a5583745cd614aff349cb41ea4
Size

456KB
Sample

241127-l4hpasypes
MD5

c5c64755f463c91c92f516b3214c5b37
SHA1

04b2137cf45cf32ad141c52ac66f67687bc7f35c
SHA256

57939197bad88b1f26555826a1de37b5527483a5583745cd614aff349cb41ea4
SHA512

9435b7d5d14de252e75335c80091ae3670bdf3be2cf02116b52ae7c1852e00085d8a601b19440af4034ce42da716972943bf9368bcde77870f9981f5f779cdd0
SSDEEP

6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9+g:2uWP/BZUyoLu8Agsmxwrvejkd2

Score

10^/10

rhadamanthys discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

57939197bad88b1f26555826a1de37b5527483a5583745cd614aff349cb41ea4.exe

Resource

win10v2004-20241007-en

rhadamanthys discovery stealer

windows10-2004-x64

7 signatures

30 seconds

Malware Config

Extracted

Family

rhadamanthys

C2

https://94.131.112.209:9856/c12864785ee61361/to3s8rfq.igwcd

Targets

- Target
  
  57939197bad88b1f26555826a1de37b5527483a5583745cd614aff349cb41ea4
- Size
  
  456KB
- MD5
  
  c5c64755f463c91c92f516b3214c5b37
- SHA1
  
  04b2137cf45cf32ad141c52ac66f67687bc7f35c
- SHA256
  
  57939197bad88b1f26555826a1de37b5527483a5583745cd614aff349cb41ea4
- SHA512
  
  9435b7d5d14de252e75335c80091ae3670bdf3be2cf02116b52ae7c1852e00085d8a601b19440af4034ce42da716972943bf9368bcde77870f9981f5f779cdd0
- SSDEEP
  
  6144:2uWP/BtSnurUylcrGYlnIttxv8HbcLgsd1Gus5psdrvV44dixP+MHDkBYdxtG9+g:2uWP/BZUyoLu8Agsmxwrvejkd2
Score

10^/10

rhadamanthys discovery stealer
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Rhadamanthys family
  rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

© 2018-2024

Terms | Privacy