General

  • Target: c6d3e5869e77146cd4c302a18eb02412f4d967e251c143f45a3f69335c392785
  • Size: 424KB
  • Sample: 230414-ydvmdsda5x
  • MD5: 84700eb935fa4f7dd690e0aa2e0f7917
  • SHA1: 6117bb93b114fa3e70538bbeda284df55b55e1a6
  • SHA256: c6d3e5869e77146cd4c302a18eb02412f4d967e251c143f45a3f69335c392785
  • SHA512: 243f892a14ef185c24a1743949ef026cd7bbdd4ca8afa2ce772de44aa121dfd32a95d3b53b3dbcaa8867abbc282055801d2e10f6448748b6c0f8c9961cb61b66
  • SSDEEP: 12288:WVkV+TDXyF8iHudmWZ/P9SDxp2DT3SVb:M2+TqHusDxpCr

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks