General

  • Target

    286e0399a5dac756b505e257469657d22104360bfde3d24487848d9058b21a50

  • Size

    423KB

  • Sample

    230414-3n73pacd46

  • MD5

    7c6214eb8314e4f0250fc4dfa3c8659b

  • SHA1

    dbff49b4f95aa8ec139b9e8a82e4a225f2198cc7

  • SHA256

    286e0399a5dac756b505e257469657d22104360bfde3d24487848d9058b21a50

  • SHA512

    b39df5822fc363505bd594b13db262dbbe622c0ed917bacb0f941a38498ae64b27a1af66d1d4fe7fb5461bf3ccb859610dc6f56a3ff85de355cac73e1d8087e6

  • SSDEEP

    6144:HRJs52IAjMlLzmBcn/9AvjRkB+nlZu357r3VLEvTj6Ti:HRe5XuMlLz0WeaF53VL2V

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      286e0399a5dac756b505e257469657d22104360bfde3d24487848d9058b21a50

    • Size

      423KB

    • MD5

      7c6214eb8314e4f0250fc4dfa3c8659b

    • SHA1

      dbff49b4f95aa8ec139b9e8a82e4a225f2198cc7

    • SHA256

      286e0399a5dac756b505e257469657d22104360bfde3d24487848d9058b21a50

    • SHA512

      b39df5822fc363505bd594b13db262dbbe622c0ed917bacb0f941a38498ae64b27a1af66d1d4fe7fb5461bf3ccb859610dc6f56a3ff85de355cac73e1d8087e6

    • SSDEEP

      6144:HRJs52IAjMlLzmBcn/9AvjRkB+nlZu357r3VLEvTj6Ti:HRe5XuMlLz0WeaF53VL2V

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks