rhadamanthys | 219e3b92a6e5c8a58c62eb4ca18fc3449edfa0e4c179b44f1630ee6fb211f335 | Triage

Submit
Reports

Overview

overview

Static

static

1

31jan_aciddd.zip

windows10-2004-x64

acid_nopump31.zip

windows10-2004-x64

1

Sharing

General

Target

31jan_aciddd.zip
Size

11.3MB
Sample

250205-stf62sskez
MD5

944b736d52d0b379c59f13f03901b80f
SHA1

fb6b11e6fc753c0a88210f2142712980f10c7fe5
SHA256

219e3b92a6e5c8a58c62eb4ca18fc3449edfa0e4c179b44f1630ee6fb211f335
SHA512

98b81cf4c451da32e6b8056bb31f44e9ce2fbbe5d96021706b6d6b1d2853f704641af08a6e6e7cc91008e9337ae653c0c5b9c88747be3890f2316e1f60d281bf
SSDEEP

196608:pljbfOTiHtxox8vREDnW0hYUSm6Qk5O86SFHM6ajxbJEfnQweairgvffxzaf6uNF:pBbmTCK04PZ0QtTSFJaj9SfTvrfxzaSw

Score

10^/10

rhadamanthys discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

31jan_aciddd.zip

Resource

win10v2004-20250129-en

rhadamanthys discovery stealer

windows10-2004-x64

18 signatures

60 seconds

Behavioral task

behavioral2

Sample

acid_nopump31.zip

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

60 seconds

Malware Config

Targets

- Target
  
  31jan_aciddd.zip
- Size
  
  11.3MB
- MD5
  
  944b736d52d0b379c59f13f03901b80f
- SHA1
  
  fb6b11e6fc753c0a88210f2142712980f10c7fe5
- SHA256
  
  219e3b92a6e5c8a58c62eb4ca18fc3449edfa0e4c179b44f1630ee6fb211f335
- SHA512
  
  98b81cf4c451da32e6b8056bb31f44e9ce2fbbe5d96021706b6d6b1d2853f704641af08a6e6e7cc91008e9337ae653c0c5b9c88747be3890f2316e1f60d281bf
- SSDEEP
  
  196608:pljbfOTiHtxox8vREDnW0hYUSm6Qk5O86SFHM6ajxbJEfnQweairgvffxzaf6uNF:pBbmTCK04PZ0QtTSFJaj9SfTvrfxzaSw
Score

10^/10

rhadamanthys discovery stealer
- Detects Rhadamanthys payload
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Rhadamanthys family
  rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Enumerates processes with tasklist
  discovery
behavioral1
- Target
  
  acid_nopump31.zip
- Size
  
  11.3MB
- MD5
  
  52d8607e8c337a7615c5f0d5a2033d83
- SHA1
  
  be6dadbf13662167467a7b399464632e5e063044
- SHA256
  
  fc8e9eea218b154610968e5ec783066eec2fc56efbd24a211d524b8b26e75ff2
- SHA512
  
  ae6ee8e490551670c16d80a66464acb16ae462bb343291b799684fdc8a8efd6548cd4861b6154eb3ca82b86c1388d9f8b24634dab6f48136afe6c765a9e9dc2a
- SSDEEP
  
  196608:vljbfOTiHtxox8vREDnW0hYUSm6Qk5O86SFHM6ajxbJEfnQweairgvffxzaf6uNK:vBbmTCK04PZ0QtTSFJaj9SfTvrfxzaSV
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

behavioral2

© 2018-2025

Terms | Privacy