Overview

overview

10

Static

static

3

file.exe

windows7-x64

5

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    911KB

  • Sample

    240606-sxvtlsgh89

  • MD5

    2872a5264f05d5c17f477175f09acdda

  • SHA1

    3f79c97d7fe7d6d1e5e9529f95dd1bc1873c72d5

  • SHA256

    f4dde5135d892a3b27afc4a95376e7880eee75c2d0b1b711baf4a9bd93bda187

  • SHA512

    ab50cf2fb06390d245b7267c65c869b53e272114383c2aced967aaf8cc8b13e58169739189a647b46f24ebda6aa697240b58174f5dffae3ac66816182e533f63

  • SSDEEP

    24576:8E7C3c6JD1Zz80aMLplXnPV9XURJlKSEgtY+VTCC:8gSD80aMLpZnPVCROSEgtY+VTC

Score
10/10
rhadamanthysstealer

Malware Config

Targets

    • Target

      file.exe

    • Size

      911KB

    • MD5

      2872a5264f05d5c17f477175f09acdda

    • SHA1

      3f79c97d7fe7d6d1e5e9529f95dd1bc1873c72d5

    • SHA256

      f4dde5135d892a3b27afc4a95376e7880eee75c2d0b1b711baf4a9bd93bda187

    • SHA512

      ab50cf2fb06390d245b7267c65c869b53e272114383c2aced967aaf8cc8b13e58169739189a647b46f24ebda6aa697240b58174f5dffae3ac66816182e533f63

    • SSDEEP

      24576:8E7C3c6JD1Zz80aMLplXnPV9XURJlKSEgtY+VTCC:8gSD80aMLpZnPVCROSEgtY+VTC

    Score
    10/10
    rhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks