General

  • Target

    0fde8a0e7f9ee75015bdafb7853d463e199156e29a95e1bfffd4796e8a4f96dc

  • Size

    423KB

  • Sample

    230414-vk87kscc8s

  • MD5

    51ca57d7945cedeb37b84b5157b8c4a1

  • SHA1

    e3f679f80767497707042f0817d56348e51c077d

  • SHA256

    0fde8a0e7f9ee75015bdafb7853d463e199156e29a95e1bfffd4796e8a4f96dc

  • SHA512

    f5c496b57df14ba33a85f2925523ce96a724b611ac48822cc463b78345390c82eb4934f59a7e4c2d1896b96355c095dce6c2438ffdbb885e9c799539b3dfd78d

  • SSDEEP

    6144:kVmvSdYelxlQKDprgOK2O01Jb32UBCXX8yZkquPbbnt:kVmoYeLWKDp8OKYdHB28iKDb

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      0fde8a0e7f9ee75015bdafb7853d463e199156e29a95e1bfffd4796e8a4f96dc

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
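The indicators above are only useful if they are swept against something. The script below is an added example, not part of the sandbox report or of any detection tooling the report references: it hashes a byte buffer or file with the four algorithms the report lists (MD5, SHA1, SHA256, SHA512) and compares the digests against the report's values, and it checks proxy log lines for the extracted C2. The proxy log layout ("client method url status") and the log lines themselves are constructed for illustration. The file-hash match is exact, so it only catches this specific binary; the log match treats the full URL and the bare host 179.43.142.201 separately, because the path /img/favicon.png on its own is generic and would flag legitimate sites. SSDEEP comparison needs the ssdeep library and is deliberately left out.

```python
"""Sweep file bytes and proxy logs for the indicators in this report.

Added example; not part of the sandbox report. The hash values and the
C2 URL are the ones the report lists. The log lines and the bytes used
in the demo at the bottom are constructed for illustration.
"""
import hashlib
import re
from pathlib import Path

# Hash indicators exactly as listed in the report (hex, lower-case).
SAMPLE_HASHES = {
    "md5": "51ca57d7945cedeb37b84b5157b8c4a1",
    "sha1": "e3f679f80767497707042f0817d56348e51c077d",
    "sha256": "0fde8a0e7f9ee75015bdafb7853d463e199156e29a95e1bfffd4796e8a4f96dc",
    "sha512": "f5c496b57df14ba33a85f2925523ce96a724b611ac48822cc463b78345390c82"
              "eb4934f59a7e4c2d1896b96355c095dce6c2438ffdbb885e9c799539b3dfd78d",
}

# C2 extracted by the sandbox. The host is matched on its own as well, so
# traffic to other paths or ports on the same IP is still surfaced.
C2_URL = "http://179.43.142.201/img/favicon.png"
C2_HOST = "179.43.142.201"

# Match the IP only when it is not part of a longer dotted number
# (e.g. 179.43.142.2010 or 10.179.43.142.201 must not match).
_HOST_RE = re.compile(r"(?<![\d.])" + re.escape(C2_HOST) + r"(?![\d.])")


def file_digests(data: bytes) -> dict:
    """Return the four digests the report publishes, keyed by algorithm name."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def match_hashes(data: bytes, iocs: dict = SAMPLE_HASHES) -> list:
    """Names of the algorithms whose digest of `data` equals a listed IOC.

    All four report hashes describe the same file, so one hit is enough to
    call it a match; the list is returned so a caller can log which ones hit.
    """
    digests = file_digests(data)
    return [name for name, value in digests.items()
            if value == iocs.get(name, "").lower()]


def scan_files(paths, iocs: dict = SAMPLE_HASHES) -> dict:
    """Map each path that matches a listed hash to the algorithms that hit."""
    results = {}
    for p in map(Path, paths):
        hits = match_hashes(p.read_bytes(), iocs)
        if hits:
            results[str(p)] = hits
    return results


def match_log(lines) -> list:
    """Return (line_no, reason, line) for every line touching the C2.

    reason is 'url' for the exact extracted URL and 'host' when only the IP
    appears (different path, or a CONNECT to another port). A different host
    serving /img/favicon.png is intentionally NOT flagged.
    """
    hits = []
    for n, line in enumerate(lines, 1):
        if C2_URL in line:
            hits.append((n, "url", line))
        elif _HOST_RE.search(line):
            hits.append((n, "host", line))
    return hits


# Constructed proxy log, "client method url status" layout (an assumption).
SAMPLE_LOG = """\
10.0.0.12 GET http://179.43.142.201/img/favicon.png 200
10.0.0.13 GET http://example.com/img/favicon.png 200
10.0.0.14 GET http://179.43.142.201/other/path.bin 404
10.0.0.15 CONNECT 179.43.142.201:443 200
"""

if __name__ == "__main__":
    for n, reason, line in match_log(SAMPLE_LOG.splitlines()):
        print(f"line {n}: {reason:4} {line}")
    # Constructed bytes; they do not match the report's hashes.
    print("hash hits for constructed buffer:", match_hashes(b"not the sample"))
```

Run it against a real proxy export by replacing SAMPLE_LOG with the file contents, and pass candidate paths to scan_files to check downloads or quarantined files against the report's hashes.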
