New analysis out of ARC Labs on Rhadamanthys Stealer.
It uses native utilities such as cmd, findstr, and tasklist to blend in with normal operations.
It relies on process injection to hijack programs such as OpenWith.exe and OOBE-Maintenance to mask its activity.
https://www.binarydefense.com/resources/blog/rhadamanthys-stealer-analysis-for-detection-opportunities/
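One detection angle that follows from the post's two observations: the named hijack targets should not normally be the parent of cmd, findstr, or tasklist. The snippet below is an added example (not ARC Labs' or Binary Defense's code) that runs that parent/child heuristic over constructed process-creation records; the "Key=Value|Key=Value" record format, the ".exe" suffix on OOBE-Maintenance, and the sample paths are assumptions.

```python
import re
from dataclasses import dataclass

# Programs the post names as injection/hijack targets. Matching is on the
# lower-cased file stem; the ".exe" extension is an assumption on my part.
INJECTION_TARGETS = {"openwith", "oobe-maintenance"}
# Native utilities the post says the stealer runs to blend in.
NATIVE_UTILITIES = {"cmd", "findstr", "tasklist"}

@dataclass
class ProcEvent:
    parent_image: str
    image: str
    command_line: str

def image_stem(path: str) -> str:
    """Lower-cased file name without extension, tolerant of \\ and / separators."""
    name = re.split(r"[\\/]", path)[-1].lower()
    return name[:-4] if name.endswith(".exe") else name

def parse_event(line: str) -> ProcEvent:
    """Parse one constructed 'Key=Value|Key=Value' process-creation record."""
    fields = dict(part.split("=", 1) for part in line.strip().split("|"))
    return ProcEvent(fields["ParentImage"], fields["Image"], fields["CommandLine"])

def is_suspicious(ev: ProcEvent) -> bool:
    """True when a hijack target spawns one of the named native utilities."""
    return (image_stem(ev.parent_image) in INJECTION_TARGETS
            and image_stem(ev.image) in NATIVE_UTILITIES)

# Constructed sample records (not real telemetry); records 2 and 4 are benign decoys.
SAMPLE_LOG = r"""
ParentImage=C:\Windows\System32\OpenWith.exe|Image=C:\Windows\System32\cmd.exe|CommandLine=cmd /c tasklist
ParentImage=C:\Windows\explorer.exe|Image=C:\Windows\System32\cmd.exe|CommandLine=cmd
ParentImage=C:\Windows\System32\oobe\OOBE-Maintenance.exe|Image=C:\Windows\System32\findstr.exe|CommandLine=findstr /i example
ParentImage=C:\Windows\System32\OpenWith.exe|Image=C:\Windows\System32\notepad.exe|CommandLine=notepad
"""

def flag_suspicious(log_text: str) -> list[str]:
    """Return the command lines of records matching the heuristic, in input order."""
    return [ev.command_line for ev in map(parse_event, log_text.strip().splitlines())
            if is_suspicious(ev)]

if __name__ == "__main__":
    for cmdline in flag_suspicious(SAMPLE_LOG):
        print("suspicious:", cmdline)
```

In real telemetry the same rule maps onto Sysmon Event ID 1 (ParentImage/Image) and can be paired with Event ID 8 (CreateRemoteThread) against the same target images to catch the injection step itself.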