Resubmissions
Date              Sample ID          Score
19-07-2024 09:10  240719-k46wfswhja  1
19-07-2024 09:10  240719-k41z7stalq  1
09-07-2024 04:19  240709-exzwnswbnr  8
08-07-2024 07:13  240708-h2an5azgkg  6
07-07-2024 10:00  240707-l1l8ba1gqb  10
07-07-2024 09:59  240707-l1e41a1gpc  1
06-07-2024 07:41  240706-jjdhqstcpg  4
06-07-2024 06:14  240706-gzq3na1blh  1
06-07-2024 06:14  240706-gzmegaybjq  4
05-07-2024 10:41  240705-mrjlhawhpp  4
General
-
Target
https://github.com
-
Sample
240606-htf6yaba5s
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com
Resource
win10-20240404-en
windows10-1703-x64
29 signatures
1800 seconds
Malware Config
Extracted
Language
ps1
Source
URLs
ps1.dropper
https://rentry.org/FUCKOFFNIGGA/raw
Extracted
Language
ps1
Deobfuscated
URLs
exe.dropper
https://bitbucket.org/gedegrereghh/fuckyougithub/raw/37140025d15f5d49ec2bd023f7557f06268d7c49/pancake-unpacked.rar
Targets
-
-
Target
https://github.com
Score
10/10
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-