General

  • Target

    6b0376a00944cceb5ae6d7810efa856d4ab7679c921d4838111fba01a8a2d589

  • Size

    423KB

  • Sample

    230415-gx786aeg6x

  • MD5

    120c493eeda8a8931652a907a54ff802

  • SHA1

    0b32770a174a9818a22b9814d1216543db333e94

  • SHA256

    6b0376a00944cceb5ae6d7810efa856d4ab7679c921d4838111fba01a8a2d589

  • SHA512

    e7ca9dd482b0221031155e47a4bec4a2990222fa11284b50b1d6d6db26c1bc60000cb801dcd1036d28a0f3fb15819bf75a0042834901e76e1663435e0fe009e1

  • SSDEEP

    6144:UV4QsFeoZcQQ2XGOZqeiu9uTZicwGH5hEHv4uFttTi:UVPsIkcQQ2viPZtlH5KQkM

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      6b0376a00944cceb5ae6d7810efa856d4ab7679c921d4838111fba01a8a2d589

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
