rhadamanthys

General

Target

RobloxBloxFlip-Predictor-main.zip
Size

1.4MB
Sample

240815-k3fmwavfne
MD5

30fb31283e77dcdfa73b48c761815b0c
SHA1

eda2fa660113fc410279fe3828070932adb74605
SHA256

9615b5847280a68822c5f6693a26c176b4b1bb905d23780349936c59f492d17c
SHA512

3c6728e4a5313d5adbae694643d45083f871edeef7a755aa4ce2bb92f3ddb40394d8dc61ed141373c82deff0ba9d5bd6325bd9a73b72a5e768f0ac801d5f8e6d
SSDEEP

24576:Q9i9oPIix/NGy1ucPSs/gIGBg/uVyaPnsTLuk0p6q/KzScsgW/UOun2Lc3jngwsv:3oPlx/oUH7Y5Ba9knsTL1qS+c3W/Uxti

Score

10^/10

Malware Config

Targets

- Target
  
  RobloxBloxFlip-Predictor-main/BloxFlip.exe
- Size
  
  702KB
- MD5
  
  5e8eefdad5b8ab9b1b47f269ca27d8f7
- SHA1
  
  ba66cf53cfe996d904e57b9409b349da62bb5d27
- SHA256
  
  e915dccc9e65da534932476e8cec4b7e5446dbd022f242e9302ac18d2a041df5
- SHA512
  
  3f353dd053e4cd18cb7c56237230d026404a8c217084e740b152ff3e9e3c8ecf0649dbdc5e98617d82086f2b340588741c7afdf4326e1f6bf56242bf7a8c58a8
- SSDEEP
  
  12288:uQjtwieaRtNsy+vMyX/A8MAnz8gCWxjijlLRjPrDuTsu3WfRme3I:uQjtQatuVY8MAnzCM2RjziTsuERmoI
Score

10^/10

rhadamanthys discovery stealer
- Detect rhadamanthys stealer shellcode
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Suspicious use of SetThreadContext
behavioral1
- Target
  
  RobloxBloxFlip-Predictor-main/CustomWinApi.hpp
- Size
  
  2KB
- MD5
  
  cbecd4f646bdc33fdd5a51c6129e0d66
- SHA1
  
  3b30641b373f04d123a037246c0c28d50722045a
- SHA256
  
  3345ba28cdb24ca73b3e3d3b4aa72ad623cdd478b7bff31e0faccf57f362ec7b
- SHA512
  
  b68b39f99886b05d14d7888f1b8d0a56b941a3032462ef7cdc1b57aee73b521783eb3954cf6fd579a43158a3674ce4ff1e9c712d7a0ee85c8a05e24347614602
Score

3^/10
behavioral2
- Target
  
  RobloxBloxFlip-Predictor-main/D3DX9_43.dll
- Size
  
  2.3MB
- MD5
  
  7160fc226391c0b50c85571fa1a546e5
- SHA1
  
  2bf450850a522a09e8d1ce0f1e443d86d934f4ad
- SHA256
  
  84b900dbd7fa978d6e0caee26fc54f2f61d92c9c75d10b35f00e3e82cd1d67b4
- SHA512
  
  dfab0eaab8c40fb80369e150cd36ff2224f3a6baf713044f47182961cd501fe4222007f9a93753ac757f64513c707c68a5cf4ae914e23fecaa4656a68df8349b
- SSDEEP
  
  49152:dbCJsk4VlPXA+15Om5wxw9Qsi55K+31BhZ64nW:YIIBnW
Score

1^/10
behavioral3
- Target
  
  RobloxBloxFlip-Predictor-main/VMProtectSDK64.lib
- Size
  
  7KB
- MD5
  
  f8fb5674b416f5f1a8bb4c94d60817c6
- SHA1
  
  56092d5cc15023eda121de5ff1aab47e32bc9a11
- SHA256
  
  c8c4c4d824b42ff38b05bd9f8f3781a63b9318baef087e4e9cf694ac4844a20d
- SHA512
  
  6e37daba16c47d89766665d0b1e7617878cd4e0e2abd0638e5ca3e9366740af0822a05c3fa62d0f60064a9bad4031f8b7e14d6ae5b4570f8326834ef5aa45920
- SSDEEP
  
  48:XrZ5/k5RLRzRCRXB6cI15A3Xy/F/CRcRj15T1tRLRyIBrJaFX43KXyAO4YMKUQl+:bjkqBw1xrR3KxKdKJ0DnBRU/rR
Score

3^/10
behavioral4
- Target
  
  RobloxBloxFlip-Predictor-main/auth.hpp
- Size
  
  1KB
- MD5
  
  68ca7e05166eb5e3d6de4fc6e52749ba
- SHA1
  
  343e9a636141ee4cf970765bd707fd56a7f2bd02
- SHA256
  
  3414a4cb52b4efadfb3c86d451542adbfddd02f6b988c0855052ec287b308222
- SHA512
  
  1608ea43f38ec60d3a059279994c3db91be1e3de183bd5aa0464fb22f2f231a604b905e419ac730553f8f20b9206e7e096b12dda7794f7cd2fedb6b20a112bb1
Score

3^/10
behavioral5
- Target
  
  RobloxBloxFlip-Predictor-main/d3d_Hook.cpp
- Size
  
  3KB
- MD5
  
  ff05bbbd7f112d14088a76ba93aecdc2
- SHA1
  
  9c132125a266ab8419b03d0c95d236b133d737ba
- SHA256
  
  c82208bff966293bf18ada811fa147d174972cc61f5d6bf7cfb24ff6633a5236
- SHA512
  
  ebb88e965addb7e769e036b274c5503124016c4ce8465fc3b2a6ee491aef182b7b05b47e74adc2a567f5f41851e8b2ceb1f8270760ebf97f831aa319331aa21a
Score

3^/10
behavioral6
- Target
  
  RobloxBloxFlip-Predictor-main/imgui.ini
- Size
  
  129B
- MD5
  
  6a7578ca403fbf4a29eae1ea14190bef
- SHA1
  
  185048daacfab144bff41a3695670c38dc46fd6a
- SHA256
  
  bea859d15c0dbc0ef79b96c27dbfb538d648ab8090bba7b0885db57da10114dc
- SHA512
  
  f6e0a8ee2faea78f3019ae780d7d03a14d0534a269b6e53a7bcac9857bdbcce866efca62cb26d9151ea1dbb437404b2a0b79ad7f2bd96f82b4a55c447a5c7447
Score

3^/10
behavioral7