rhadamanthys | 90c7d3b939db02faf27a670beedb61ffaf33a940119484a1b62dbfe21656afdd | Triage

Submit
Reports

Overview

overview

Static

static

SKRIPTGG-F...in.zip

windows11-21h2-x64

Resubmissions

15-01-2025 22:53

250115-2t2meszmfl 10

10-01-2025 21:04

250110-zwketazlgq 10

Sharing

General

Target

SKRIPTGG-FIVEM-main.zip
Size

884KB
Sample

250115-2t2meszmfl
MD5

e5eb6a37e9cd8d4cd3d3a1879cc71bc0
SHA1

44936b7f945d8d8813e64f9b5708059d9714fcdf
SHA256

90c7d3b939db02faf27a670beedb61ffaf33a940119484a1b62dbfe21656afdd
SHA512

02eb80e5dff1551268abd6d366e36f88f8a940ceb2a4242b677a8823b51217e8fa8548d4abbd3c80ef9a112a2741cf75b09000ceb0da2cfe24df5303865c7cfd
SSDEEP

24576:nZQ6J4P2JcjGWJQmrfjNiVrGroGxgkIKgC:nJCuJQ9Jf/NqrGMGxUdC

Score

10^/10

rhadamanthys discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

SKRIPTGG-FIVEM-main.zip

Resource

win11-20241007-en

rhadamanthys discovery stealer

windows11-21h2-x64

20 signatures

150 seconds

Malware Config

Extracted

Family

rhadamanthys

C2

https://185.125.50.38:3034/739bd3e91cd40ca83/pancake.api

Targets

- Target
  
  SKRIPTGG-FIVEM-main.zip
- Size
  
  884KB
- MD5
  
  e5eb6a37e9cd8d4cd3d3a1879cc71bc0
- SHA1
  
  44936b7f945d8d8813e64f9b5708059d9714fcdf
- SHA256
  
  90c7d3b939db02faf27a670beedb61ffaf33a940119484a1b62dbfe21656afdd
- SHA512
  
  02eb80e5dff1551268abd6d366e36f88f8a940ceb2a4242b677a8823b51217e8fa8548d4abbd3c80ef9a112a2741cf75b09000ceb0da2cfe24df5303865c7cfd
- SSDEEP
  
  24576:nZQ6J4P2JcjGWJQmrfjNiVrGroGxgkIKgC:nJCuJQ9Jf/NqrGMGxUdC
Score

10^/10

rhadamanthys discovery stealer
- Rhadamanthys
  Rhadamanthys is an info stealer written in C++ first seen in August 2022.
  stealer rhadamanthys
- Rhadamanthys family
  rhadamanthys
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

rhadamanthysdiscoverystealer

© 2018-2025

Terms | Privacy