rhadamanthys | 90c7d3b939db02faf27a670beedb61ffaf33a940119484a1b62dbfe21656afdd | Triage

Resubmissions

15-01-2025 22:53

250115-2t2meszmfl 10

10-01-2025 21:04

250110-zwketazlgq 10

Sharing

General

Target

SKRIPTGG-FIVEM-main.zip
Size

884KB
Sample

250110-zwketazlgq
MD5

e5eb6a37e9cd8d4cd3d3a1879cc71bc0
SHA1

44936b7f945d8d8813e64f9b5708059d9714fcdf
SHA256

90c7d3b939db02faf27a670beedb61ffaf33a940119484a1b62dbfe21656afdd
SHA512

02eb80e5dff1551268abd6d366e36f88f8a940ceb2a4242b677a8823b51217e8fa8548d4abbd3c80ef9a112a2741cf75b09000ceb0da2cfe24df5303865c7cfd
SSDEEP

24576:nZQ6J4P2JcjGWJQmrfjNiVrGroGxgkIKgC:nJCuJQ9Jf/NqrGMGxUdC

Score

10^/10

rhadamanthys discovery stealer

Malware Config

Extracted

Family

rhadamanthys

C2

https://185.125.50.38:3034/739bd3e91cd40ca83/pancake.api

Targets

- Target
  
  RubixLauncher.exe
- Size
  
  355KB
- MD5
  
  8a6f1580a5b9b94d7cd47cc6b1af1b9a
- SHA1
  
  e68768afd59e18091d345cb300e859572e8d4c5c
- SHA256
  
  bb1464e75c750d90c0c49d148c9e64eefe0c29b2f670d708c8085ddd3104dbfe
- SHA512
  
  1663a9e0868b3f5d7e1edd30259024e419c2d190ec8c31e76e66aef0c8a0e02da0c829584214b9e2f76cbd349a53bf77d01d03e9b0e9c8a99eb18021b1d53309
- SSDEEP
  
  6144:g2qezd2ab1/RuHk+M3k8M3W7XomjOJCqshrOlumY6DMIewgxQfqhsb:gf2R/EEkCQFYDwRqW
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Rhadamanthys family
  rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1 behavioral2
- Target
  
  SKRIPTGG-FIVEM-main/license.dll
- Size
  
  1.2MB
- MD5
  
  36dea25d49b9dff21acebface8ea2044
- SHA1
  
  5bd97162bc98e36c124811c360dbf29c6233405e
- SHA256
  
  d960a2eac5e7f1aa04e9f8d0da4eb9bb0b097ca58d0ce83ea1bb8351baf26301
- SHA512
  
  64f06db24297e30d7ec91d3cf9ccc33f28eb9041e463933866b09de0d138d964505aa38f32158be5e5491e4aa68d8ae77bccce9c068e5980d2281a24294bccf8
- SSDEEP
  
  24576:1iE0l9oS0Cl/9qZPcYJZEiDO3ytIPMunHuGKFufrrH1:YE0l1ZlVsPc06i63aIPZnBX
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

behavioral2

rhadamanthysdiscoverystealer

behavioral3

behavioral4