{
  "name": "RHADAMANTHYS: In-Depth Analysis of a Sophisticated Stealer Targeting Israeli Users",
  "slug": "rhadamanthys-in-depth-analysis-of-a-sophisticated-stealer-targeting-israeli-users",
  "description": "This technical analysis examines an advanced and localized malware campaign that uses the RHADAMANTHYS stealer to target Israeli users through meticulously crafted social-engineering schemes. The report dissects the infection chain, anti-analysis techniques, data-theft capabilities, and command-and-control (C2) infrastructure. The malware's sophisticated features, coupled with its potential appeal to both cybercriminals and nation-state actors, underscore the need for heightened vigilance and robust defense measures.",
  "published": "2024-08-05T06:39:11+00:00",
  "created_at": "2024-08-05T06:39:11+00:00",
  "modified_at": "2024-08-05T07:05:04+00:00",
  "created_at_opencti": "2024-08-05T06:39:11+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2024-08-05",
    "evasion",
    "israeli",
    "persistence",
    "phishing",
    "rhadamanthys",
    "stealer"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "103.68.109.208"
      },
      {
        "id": "",
        "name": "RHADAMANTHYS_Stealer"
      },
      {
        "id": "",
        "name": "f3291a98446b3a24a7ccd4b44bc05bfd48502179835fe3429f81d211579f5a4b"
      },
      {
        "id": "",
        "name": "a7dbbad8a1cd038e5ab5b3c6b1b312774d808e4b0a2254e8039036972ac8881a"
      },
      {
        "id": "",
        "name": "48aaa2dec95537cdf9fc471dbcbb4ff726be4a0647dbdf6300fa61858c2b0099"
      }
    ],
    "malware": [
      {
        "id": "legacy:malware:96d5163803bd1444",
        "name": "RHADAMANTHYS",
        "slug": "rhadamanthys"
      }
    ],
    "attack_patterns": [
      {
        "id": "741a926d-4157-412c-9296-f701c8dbd56d",
        "name": "T1027.003"
      },
      {
        "id": "da984cc6-137c-4683-bc00-cb38db452e73",
        "name": "T1088"
      },
      {
        "id": "0cad3bc9-06c8-4bb1-b85b-cdcb64605ead",
        "name": "T1025"
      },
      {
        "id": "1e043fe4-2413-4b8e-887c-0fe45d095a24",
        "name": "T1583"
      },
      {
        "id": "93b2c4dd-5523-4464-8976-78754ee372fd",
        "name": "T1012"
      },
      {
        "id": "fe6f2946-a01e-460c-9636-8c48b45dd0e6",
        "name": "T1189"
      },
      {
        "id": "9322d33b-00c1-4f99-9f1a-a33d93c0dac2",
        "name": "T1059.007"
      },
      {
        "id": "926a888c-190c-4efb-ab6b-f9d7e6a0fc54",
        "name": "T1547"
      },
      {
        "id": "a7262c61-4567-4a00-8cec-aae6264234a9",
        "name": "T1218"
      },
      {
        "id": "c473a756-355a-42ad-a0df-cd3a8fa006d1",
        "name": "T1057"
      },
      {
        "id": "cbd87c8c-3bed-461a-acef-56ffc8b87571",
        "name": "T1105"
      },
      {
        "id": "45082a8e-9c79-470e-ad1b-decac7188e8f",
        "name": "T1083"
      },
      {
        "id": "7abb6e8c-d357-49ef-9244-017043055224",
        "name": "T1205"
      },
      {
        "id": "7d7ac733-6442-416f-8669-c302dd0843b9",
        "name": "T1036"
      },
      {
        "id": "50514c04-b3a2-4abf-a855-e3a434200c87",
        "name": "T1204"
      },
      {
        "id": "0c836307-129e-4ff7-a532-180c633cacba",
        "name": "T1027"
      },
      {
        "id": "0b2b1ecd-d52e-492a-af08-050954bc03e5",
        "name": "T1056"
      },
      {
        "id": "5d4ae945-eb29-4b3b-aa69-bc32dc769878",
        "name": "T1558"
      },
      {
        "id": "6a495275-5433-4b64-90e5-18b9f07296da",
        "name": "T1072"
      },
      {
        "id": "9b6064e6-a05b-4e95-baf5-34d180bc9221",
        "name": "T1059"
      }
    ],
    "others": [
      {
        "id": "",
        "name": "Israel"
      }
    ]
  },
  "external_refs": [
    "https://maordayanofficial.medium.com/rhadamanthys-an-in-depth-analysis-of-a-sophisticated-stealer-targeting-israeli-users-330fbfd68f3b",
    "https://otx.alienvault.com/pulse/66b08fafd59f281f7773e6f1"
  ]
}