General

  • Target

    0a18ba581e56b7e01d5fe5ec29c783751a675db14504eeafd079fc6e07080e92

  • Size

    424KB

  • Sample

    230414-s4hgvsca4y

  • MD5

    0190b13ef97e1b87417400746ea2edde

  • SHA1

    666dc4a7ad50c4d03ce8c010742e5237e9411be0

  • SHA256

    0a18ba581e56b7e01d5fe5ec29c783751a675db14504eeafd079fc6e07080e92

  • SHA512

    f0ba789e5fb608175dadfdc3e1384e1b39837a81540e22a0ecaf575a9253faa4f3b8f25f111b88e237420bde87b59f9c4385bf07d7af0586c23d4df9cccf6b60

  • SSDEEP

    6144:SV4vkItsLT/5YbHnbuVw53Mv2WN+5ySLz/ZU9ODJ5USR7jk02MbbuVt:SV4rtsPRYbH6Vwev2U2FdmYz2Cbu

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
