General

  • Target

    187d606c92f03bef16476280239d4c92956389cd19b379f3770c05a974ef4540

  • Size

    422KB

  • Sample

    230414-19g3aacb68

  • MD5

    b8630bbc6558cc34b3b8dfd6812366de

  • SHA1

    fe1c72d5cf87985e283cba055a4c1196a5b27354

  • SHA256

    187d606c92f03bef16476280239d4c92956389cd19b379f3770c05a974ef4540

  • SHA512

    e3c113adb561724d3bb078bd7c86db8c5a579d6230c5914efc122d1df6f4c152ffa59fffaf6a8388115b95b332dae3779435c40c0c5959cbdd32bf8234cf9a1b

  • SSDEEP

    6144:nGNBS8hO6D+P12w1baneJdBUz5ACVHSTMawEP9qxi:nGm8AjP12ubaCBUmIHCF9z

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png
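The hashes and the C2 URL above are the actionable indicators in this report. The script below, an added example that is not part of the sandbox output, shows how a responder would use them: compute the same four digests over a candidate file and compare them to the report, and flag web-proxy requests to the C2 by host and path rather than by exact string, so a port suffix or query string still matches while the very common benign path /img/favicon.png on any other host does not. The sample bytes and the Squid-style log lines are constructed for illustration; the SSDEEP field is not handled here because fuzzy matching needs the ssdeep library.

```python
"""Match a file and web-proxy log lines against the IOCs in this report.

Added example, not part of the sandbox report. SAMPLE_BYTES and SAMPLE_LOG
are constructed for illustration; the hash values and the C2 URL are the
ones the report lists.
"""
import hashlib
from urllib.parse import urlsplit

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "b8630bbc6558cc34b3b8dfd6812366de",
    "sha1": "fe1c72d5cf87985e283cba055a4c1196a5b27354",
    "sha256": "187d606c92f03bef16476280239d4c92956389cd19b379f3770c05a974ef4540",
    "sha512": "e3c113adb561724d3bb078bd7c86db8c5a579d6230c5914efc122d1df6f4c152"
              "ffa59fffaf6a8388115b95b332dae3779435c40c0c5959cbdd32bf8234cf9a1b",
}
C2_URL = "http://179.43.142.201/img/favicon.png"

# Constructed placeholder, not the real 422KB sample.
SAMPLE_BYTES = b"MZ\x90\x00 constructed placeholder bytes"

# Constructed Squid-native-format lines (timestamp elapsed client action/code
# size method url ident hierarchy type); not from any real environment.
SAMPLE_LOG = [
    "1681430000.123 210 10.0.0.17 TCP_MISS/200 1193 GET "
    "http://179.43.142.201/img/favicon.png - HIER_DIRECT/179.43.142.201 image/png",
    "1681430001.456 15 10.0.0.17 TCP_HIT/200 3406 GET "
    "http://example.com/img/favicon.png - NONE/- image/png",
    "1681430002.789 180 10.0.0.23 TCP_MISS/200 742 GET "
    "http://179.43.142.201:80/img/favicon.png?x=1 - HIER_DIRECT/179.43.142.201 image/png",
    "1681430003.012 160 10.0.0.23 TCP_MISS/404 498 GET "
    "http://179.43.142.201/index.html - HIER_DIRECT/179.43.142.201 text/html",
]


def digests(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes) -> dict:
    """Return {algorithm: bool} for each report hash the data matches.

    A sha256 or sha512 match identifies the sample; an md5-only match
    would be unusual and should be treated as a collision until confirmed.
    """
    computed = digests(data)
    return {name: computed[name] == value for name, value in REPORT_HASHES.items()}


def c2_hit(url: str) -> bool:
    """True when the URL reaches the C2 host and path from the report.

    Host and path are compared separately, so ':80' or a query string
    still matches, while '/img/favicon.png' on another host does not.
    """
    want, got = urlsplit(C2_URL), urlsplit(url)
    return got.hostname == want.hostname and got.path == want.path


def scan_proxy_log(lines) -> list:
    """Return the log lines whose requested URL (7th field) is the C2."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) >= 7 and c2_hit(fields[6]):
            hits.append(line)
    return hits


if __name__ == "__main__":
    print("hash matches:", matches_report(SAMPLE_BYTES))
    for hit in scan_proxy_log(SAMPLE_LOG):
        print("C2 request:", hit)
```

Run it against a real file by replacing SAMPLE_BYTES with the file contents; only the two lines that reach 179.43.142.201 on /img/favicon.png are reported, and the placeholder bytes match none of the report hashes.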

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks