General
Target: RobloxBloxFlip-Predictor
Size: 309KB
Sample: 240609-nn49gaaa5y
MD5: 80d4883d3d081aef318a54230aa2fbc7
SHA1: d2f40b4cf23f500dc7840a0f96244214b4d04237
SHA256: 0cae1987cbdda862834641c75759734757ec0c2d24506c3ffd20d97d078c4a3c
SHA512: 9de6f0e755f32ea55e1b8ebfff1c90f7208a5b25153cf8c3770e13b8508821e226b22a53ae4fc27b04b3910264d8e9658ff694890573ef2937b5502400763219
SSDEEP: 6144:xto5D2n9dH5M2vkm0aWyRv3pId9RbH9vvZJT3CqbMrhryfQNRPaCieMjAkvCJv1B:3o5D2n9dH5M2vkm0aWyRv3pId9Rb9vva
Static task: static1
Behavioral task: behavioral1
  Sample: RobloxBloxFlip-Predictor
  Resource: win10-20240404-en
Behavioral task: behavioral2
  Sample: RobloxBloxFlip-Predictor
  Resource: win11-20240419-en
Malware Config
Targets
Target: RobloxBloxFlip-Predictor
Score: 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
Legitimate hosting services abused for malware hosting/C2
Suspicious use of SetThreadContext