General

  • Target

    cbcfd42a6ec669bf0f770a837ea751aa342b21256c6186e19d9931d47ca1ffef

  • Size

    423KB

  • Sample

    230415-d3ex1sch62

  • MD5

    cb2ba6d4940dc8abede20595ac94b3ea

  • SHA1

    dbbc0e0723d92f12dce9a724624c36b40c545f0d

  • SHA256

    cbcfd42a6ec669bf0f770a837ea751aa342b21256c6186e19d9931d47ca1ffef

  • SHA512

    02702f91de518d5f318d01aba51faeac99bc4e94e7edf3dd978a55724eed24b12510c450860ef2b6610b648bbbc9741f97501814aa2861af44f80bf994a735b2

  • SSDEEP

    6144:EnlYDwYQr4DBvOYxN4WL9DNSOoWeTTKkp8RvHnAx6EqsTi:EnmDhe4DBvmWL9DNnoWm8RvHn66EqP

Malware Config

Extracted

  • Family

    rhadamanthys

  • C2

    http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer, written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6