From 031a4c8030acf95f357b00ef58da78944566e647 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=BCrgen=20L=C3=B6hel?=
Date: Wed, 8 Mar 2023 21:45:39 -0600
Subject: [PATCH] chg [stealer]: Add Rhadamanthys
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jürgen Löhel
---
 clusters/stealer.json | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/clusters/stealer.json b/clusters/stealer.json
index 78545bb..8fb3311 100644
--- a/clusters/stealer.json
+++ b/clusters/stealer.json
@@ -196,7 +196,20 @@
 },
 "uuid": "7f95ebda-2c7b-49a4-ad57-bd5766a1f651",
 "value": "Album Stealer"
+ },
+ {
+ "description": "According to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.",
+ "meta": {
+ "refs": [
+ "https://elis531989.medium.com/dancing-with-shellcodes-analyzing-rhadamanthys-stealer-3c4986966a88",
+ "https://blog.cyble.com/2023/01/12/rhadamanthys-new-stealer-spreading-through-google-ads/",
+ "https://www.malware-traffic-analysis.net/2023/01/03/index.html",
+ "https://threatmon.io/rhadamanthys-stealer-analysis-threatmon/"
+ ]
+ },
+ "uuid": "9eb2a417-2bb6-496c-816b-bccb3f3074f6",
+ "value": "Rhadamanthys"
 }
 ],
- "version": 11
+ "version": 12
 }
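Review bot: The new `description` attributes its statement to PCrisk, but none of the four `meta.refs` URLs is a PCrisk page, so someone consuming the cluster cannot trace the quoted claim to its source. Either add the PCrisk article as a fifth `refs` entry (`"<PCrisk article URL>"`, a placeholder here because the page does not give it) or reword the description so it summarises what the listed analyses report. The description also says only that the stealer "is designed to extract data from infected machines"; a sentence naming the data classes the cited write-ups document would make the entry more useful for triage and tagging, provided it is taken from those references.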