General

  • Target

    SecuriteInfo.com.Variant.Zusy.448594.18566.12190.exe

  • Size

    179KB

  • Sample

    230224-pxb5qabc27

  • MD5

    cee44021a4841cf66516938c3b09cd3a

  • SHA1

    0e2d3a5f496f87ea41b0fe273332dee4b0988d9f

  • SHA256

    7d16edee6fbccf5bcb73691b8f69113f3e80c804d66b49e71be48ef21eea30b5

  • SHA512

    43e3a990b9a19f6890c1a86ddf41a59d2f42c3dd902dcd73ece9f6fcf4ffb9347b785a10ab0a7a9e0fc8c72ad14d31e2a90593dd585d3a1aee71b72208b5c4cb

  • SSDEEP

    3072:bwevYpKTDMDU3fuuE46lC4PQyfHU6Ig4cjnjFRpbll/XbqefxlS3ETgmBN8vqI5L:sevY8m+u3wB4HzlrzPOefxoEBK7

Malware Config

Targets

    • Target

      SecuriteInfo.com.Variant.Zusy.448594.18566.12190.exe

    • Size

      179KB

    • MD5

      cee44021a4841cf66516938c3b09cd3a

    • SHA1

      0e2d3a5f496f87ea41b0fe273332dee4b0988d9f

    • SHA256

      7d16edee6fbccf5bcb73691b8f69113f3e80c804d66b49e71be48ef21eea30b5

    • SHA512

      43e3a990b9a19f6890c1a86ddf41a59d2f42c3dd902dcd73ece9f6fcf4ffb9347b785a10ab0a7a9e0fc8c72ad14d31e2a90593dd585d3a1aee71b72208b5c4cb

    • SSDEEP

      3072:bwevYpKTDMDU3fuuE46lC4PQyfHU6Ig4cjnjFRpbll/XbqefxlS3ETgmBN8vqI5L:sevY8m+u3wB4HzlrzPOefxoEBK7

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks