General

  • Target

    2024-12-19_752ba3bf4b627e1a78275719cf9e41a4_mafia_rhadamanthys

  • Size

    63.6MB

  • Sample

    241219-e8sxhazkbr

  • MD5

    752ba3bf4b627e1a78275719cf9e41a4

  • SHA1

    6cfd8b9934b0fbc31f2f8bc83c89fed2e25f2aad

  • SHA256

    5f3cc281a34872f7732d1174eca50fb85364927cca8dc70ac31623ff38c20a00

  • SHA512

    a856a2f05df0c0b72b3ca4d8353043623bcc7892a935471d5da28d559ea91411aeee0548b530361633ea436d3d9728f6a604397fbda301fcc908b062dd2bf3e4

  • SSDEEP

    1572864:ZSfGaond8g7g64PVkFq/NboJNbbq+veWg+UGEh4J:ZIFony3kYWbqNWg+UGqg

Malware Config

Targets

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Rhadamanthys family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

MITRE ATT&CK Enterprise v15

Tasks