General

  • Target

    31ee3c05d4163ff7d0682efca21c44fdbfb3c0a9dce58c665893b38ba9d16356

  • Size

    424KB

  • Sample

    230415-bd1gbace92

  • MD5

    275a529eb263287899c1524c3f27db6a

  • SHA1

    f767a1bf6f2175a040e9066b4dc1675f7f5c77e8

  • SHA256

    31ee3c05d4163ff7d0682efca21c44fdbfb3c0a9dce58c665893b38ba9d16356

  • SHA512

    e93f8594296915775e8789f7f297d57cc5e66f6f258f9c9aba134445b6def1461f990c7d6440c9bd3ceaeff1a26af39490c0aee6f50a850c24696ce6cc2ec154

  • SSDEEP

    6144:JpwMWnygVAeDkib25HSr/qcDK9QZ+Z+6CbBTwSqxAnQtGTWTi:JpfWyoAeoiK5HSLqIB6CumnQt8B

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks