General

  • Target

    70850c5d011ddde433b2e5887d4844a4ec3159125809c1da4f92c9ca2a4261f6

  • Size

    418KB

  • Sample

    230415-1jy8wafg94

  • MD5

    3af1d419a6b4359fa3f884eed0153954

  • SHA1

    3216468a6e656e860047c5a9b608b09a59c667bf

  • SHA256

    70850c5d011ddde433b2e5887d4844a4ec3159125809c1da4f92c9ca2a4261f6

  • SHA512

    8766dbca8739668f7502f9cc3c8701765fa8c63c95f7d5ef6d1d70b45cd3eb2a47d60031657b2dc7976f712f481ed3f3dbd175458a995c3ff75ef0a1f7ba1fc0

  • SSDEEP

    6144:Pe9N1DxWDJ6I3CxYu8nIWd53zM9RITFmcc2ohSxknbe4:Pen1V66I3Cx58IWv3A9R8mcNpknq4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks