General

  • Target: f1c7a4791ac99c0e51bda7072cdcbd490ffd79902e96e76032324c7b5cd5859d
  • Size: 423KB
  • Sample: 230414-tvtzzaae99
  • MD5: cc39ce08beb7d6ee8ec98db090d54ca6
  • SHA1: b41af522b7f3ab943e5191404ed93aa584d6f172
  • SHA256: f1c7a4791ac99c0e51bda7072cdcbd490ffd79902e96e76032324c7b5cd5859d
  • SHA512: 1bf81a83f14c55c210ddf80630c67a0034c2f78fa6bdb24c52a486c77c92eeb6d1c7fab975a0e068c9bf681167e70f8c99a94d453362eadda35b736d9e73314c
  • SSDEEP: 6144:+VovVtWBwliA80j+6guF5pv36eS2Z9294BLJrCOdrIZnQnySmbbkYt:+VoTWBwIz0j+9uFues9aJT0Znw5cb

Malware Config (extracted)

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets


    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
