rhadamanthys | 7774449e13c24d2b0b69114d9ba044e80dc8378fa3dfb5d17a142d5cb4cde8af | Triage

Submit
Reports

Overview

overview

Static

static

1

TeraBox.exe

windows10-2004-x64

Sharing

General

Target

TeraBox.exe
Size

6.3MB
Sample

240609-lac7qahd28
MD5

7ab6073a5c400a5071bfa4ef2d936425
SHA1

f794ea18eced4330979972da2a4bfa33c03afa2f
SHA256

7774449e13c24d2b0b69114d9ba044e80dc8378fa3dfb5d17a142d5cb4cde8af
SHA512

4371b6b49df43dab4abf90a71819276f30dca823c93335edd5513a67a646c97ef575b2ede650ceb2f0f168af13431254530e9bffc3db0f5b0eada1492c3cab73
SSDEEP

98304:52XswubXaFliXVEaqz56LtbSeK78yYkVvkg7m8Etg1C9Y41WCpq:8XswuuKE7E4IDkVvkgK9fVWCo

Score

10^/10

rhadamanthys stealer

Static task

static1

Behavioral task

behavioral1

Sample

TeraBox.exe

Resource

win10v2004-20240426-en

rhadamanthys stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  TeraBox.exe
- Size
  
  6.3MB
- MD5
  
  7ab6073a5c400a5071bfa4ef2d936425
- SHA1
  
  f794ea18eced4330979972da2a4bfa33c03afa2f
- SHA256
  
  7774449e13c24d2b0b69114d9ba044e80dc8378fa3dfb5d17a142d5cb4cde8af
- SHA512
  
  4371b6b49df43dab4abf90a71819276f30dca823c93335edd5513a67a646c97ef575b2ede650ceb2f0f168af13431254530e9bffc3db0f5b0eada1492c3cab73
- SSDEEP
  
  98304:52XswubXaFliXVEaqz56LtbSeK78yYkVvkg7m8Etg1C9Y41WCpq:8XswuuKE7E4IDkVvkgK9fVWCo
Score

10^/10

rhadamanthys stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

rhadamanthysstealer

© 2018-2024

Terms | Privacy