Overview

overview

10

Static

static

1

RG Launche...50.exe

windows10-2004-x64

10

RG Launche...50.exe

windows10-ltsc 2021-x64

10

Resubmissions

25-12-2024 10:23

241225-mexbtsskel 10

24-12-2024 21:01

241224-zt1c9axlbs 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RG Launcher v2.150.exe

  • Size

    178.1MB

  • Sample

    241224-zt1c9axlbs

  • MD5

    cbaedbb56be67ae226275a73d680b0de

  • SHA1

    978dd3afac1f1e2e0e0c407d40827ca641b03d5a

  • SHA256

    3cefc76dc59f54df0dfa41fa9b65ff06d4d4e1e5b4bca91db1370b2cf582a826

  • SHA512

    b7a015fdd4e1facf267645082c747c4ef2d7a94ea5c11ccceaaa89ab304776ac0b95a6b464308acd8646835584cf09a47a396970a2cc232bbac2cd124284f600

  • SSDEEP

    786432:qC+zTLKV+8ym5CqWpQshx4i9vnrX5h9vSIii4h4euGlNTqu1idDf47lscee9:qTTG/PkDzr9v/FpiZhOGlNGbcT

Score
10/10
rhadamanthysdiscoverystealer

Malware Config

Targets

    • Target

      RG Launcher v2.150.exe

    • Size

      178.1MB

    • MD5

      cbaedbb56be67ae226275a73d680b0de

    • SHA1

      978dd3afac1f1e2e0e0c407d40827ca641b03d5a

    • SHA256

      3cefc76dc59f54df0dfa41fa9b65ff06d4d4e1e5b4bca91db1370b2cf582a826

    • SHA512

      b7a015fdd4e1facf267645082c747c4ef2d7a94ea5c11ccceaaa89ab304776ac0b95a6b464308acd8646835584cf09a47a396970a2cc232bbac2cd124284f600

    • SSDEEP

      786432:qC+zTLKV+8ym5CqWpQshx4i9vnrX5h9vSIii4h4euGlNTqu1idDf47lscee9:qTTG/PkDzr9v/FpiZhOGlNGbcT

    Score
    10/10
    discoveryrhadamanthysstealer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Rhadamanthys family

      rhadamanthys

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks