Rhadamanthys v0.5.0 - a deep dive into the stealer’s components [Thursday, December 14, 2023]


Description:
Rhadamanthys is a well-designed, modular stealer. In this article, Check Point Research presented some details of its implementation, showing the incorporated techniques and execution flow. Although the core component comes with a lot of interesting built-in features, the power of this malware lies in its extensibility. The currently analyzed version 0.5.0 supports multiple scripting languages, from Lua (whose interpreter is built into the main module) to PowerShell and other scripting languages, which are supported via an additional module.

Published: 2023-12-14 17:03:49
Created: 2023-12-14 17:03:49
Modified: 2023-12-14 17:18:18

Indicators

Hashes :
About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
