General

  • Target: 39019575fab01f3526948ba9dfb246558e289a1b7969c2a2ab88a406e97b5a27

  • Size: 424KB

  • Sample: 230414-wsbfysba34

  • MD5: be40b18130202a07751c968c2d3d18ed

  • SHA1: 59e92b94138b2ce1915091095c75123ca159a31b

  • SHA256: 39019575fab01f3526948ba9dfb246558e289a1b7969c2a2ab88a406e97b5a27

  • SHA512: 727594a2ec1c3f022345597fdbb7c4f78e1ee11b327bb37ec1c9f6610b11473f2678c1325a67cc7478d22fcae57ece47e90504a49231db91f1ebbafd0545e43e

  • SSDEEP: 6144:lV4vkItsLT/5YbHnbuVw53ysEt/PBDfXWPY750mlnM845bT1EbbTt:lV4rtsPRYbH6Vw0LX3NMD1Twb

Malware Config

Extracted

  • Family: rhadamanthys

  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Target: 39019575fab01f3526948ba9dfb246558e289a1b7969c2a2ab88a406e97b5a27 (hashes as listed under General above)

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks