General

  • Target: 4b10b47611967e2d3024eb451df1ca05451fa3e15d1970d6ee3fc09a64e0bc99
  • Size: 419KB
  • Sample: 230415-2azcysga35
  • MD5: 9be26f22ab7153a54d77a4df6dad9090
  • SHA1: e28b37438f2e13af5ce2122348864a217086129f
  • SHA256: 4b10b47611967e2d3024eb451df1ca05451fa3e15d1970d6ee3fc09a64e0bc99
  • SHA512: 6d5fd51806e8569cc464d4ccf9bef77563b2fa411e75b9d6b4afddb07d35b415cd5605b45fa0e2166a2f838218e25dda65ef4032b207866d59195edbd8a387a0
  • SSDEEP: 12288:L8xhMbey7nSkfINSKm5s8/k68djz8aq4:LshKeiPfgSKks8sT38L4

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: Rhadamanthys is an info stealer written in C++ first seen in August 2022.
    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks