General

  • Target

    076a0fb7ebf20a100ef850835a9cfe79d33e6dc797b78d267f92982ec75807f3

  • Size

    424KB

  • Sample

    230415-kebzsade52

  • MD5

    c7013845630a13cd1161a9bce5482f67

  • SHA1

    8f65a5509972092bb3087ac120c2cc741a41ea0b

  • SHA256

    076a0fb7ebf20a100ef850835a9cfe79d33e6dc797b78d267f92982ec75807f3

  • SHA512

    b4b6513c970a32b8459b0576ed81cf0f59c833ec9f311fd79a59a787ad9d514562f41916014e9a42f6e2a24ef6b458ab268727b5c906191c98bf758b7196dde5

  • SSDEEP

    6144:SpwMWnygVAeDki6eigMS/J8I4Xvnu33/rCkf+lD+mHR4WTi:SpfWyoAeoi84S833/vfHyRC

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      076a0fb7ebf20a100ef850835a9cfe79d33e6dc797b78d267f92982ec75807f3

    • Size

      424KB

    • MD5

      c7013845630a13cd1161a9bce5482f67

    • SHA1

      8f65a5509972092bb3087ac120c2cc741a41ea0b

    • SHA256

      076a0fb7ebf20a100ef850835a9cfe79d33e6dc797b78d267f92982ec75807f3

    • SHA512

      b4b6513c970a32b8459b0576ed81cf0f59c833ec9f311fd79a59a787ad9d514562f41916014e9a42f6e2a24ef6b458ab268727b5c906191c98bf758b7196dde5

    • SSDEEP

      6144:SpwMWnygVAeDki6eigMS/J8I4Xvnu33/rCkf+lD+mHR4WTi:SpfWyoAeoi84S833/vfHyRC

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in the wild in August 2022.

    • Accesses Microsoft Outlook profiles
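
The extracted configuration and the file hashes above are the indicators a responder would hunt with: the C2 (`http://179.43.142.201/img/favicon.png`, a benign-looking favicon path on a bare IP) in proxy or DNS telemetry, and the MD5/SHA1/SHA256 values against files on disk. The script below is an added example, not part of the sandbox report or of any Rhadamanthys tooling; it copies the hash and C2 values from the report, and the proxy log lines and the `ts src method url status` log layout are constructed for illustration. It matches on the C2 host first and then flags whether the scheme and path match exactly, so a later change of path or port on the same host is still surfaced as a weaker hit.

```python
"""Hunt for the IOCs from this Rhadamanthys report (added example, not from the report)."""
import hashlib
from urllib.parse import urlsplit

# Hash values copied from the report above.
SAMPLE_HASHES = {
    "md5": "c7013845630a13cd1161a9bce5482f67",
    "sha1": "8f65a5509972092bb3087ac120c2cc741a41ea0b",
    "sha256": "076a0fb7ebf20a100ef850835a9cfe79d33e6dc797b78d267f92982ec75807f3",
}
# C2 URL copied from the extracted config above.
C2_URL = "http://179.43.142.201/img/favicon.png"

# Constructed proxy log lines in an assumed "ts src method url status" layout.
SAMPLE_LOG = """\
1681500001 10.0.0.5 GET http://179.43.142.201/img/favicon.png 200
1681500002 10.0.0.7 GET https://example.com/img/favicon.png 200
1681500003 10.0.0.5 POST http://179.43.142.201/img/favicon.png 200
1681500004 10.0.0.9 GET http://179.43.142.201:8080/other 404
"""


def c2_indicators(url: str) -> dict:
    """Split the C2 URL into the parts used for matching (host, path, scheme)."""
    parts = urlsplit(url)
    return {"host": parts.hostname, "path": parts.path, "scheme": parts.scheme}


def hunt_proxy_log(log_text: str, c2_url: str) -> list:
    """Return every record that contacted the C2 host.

    'exact' is True when scheme and path also match the extracted URL;
    False marks host-only hits (different path or port on the same C2 IP).
    """
    ioc = c2_indicators(c2_url)
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not fit the assumed layout
        ts, src, method, url, status = fields
        parts = urlsplit(url)
        if parts.hostname != ioc["host"]:
            continue
        hits.append({
            "ts": ts,
            "src": src,
            "method": method,
            "url": url,
            "status": status,
            "exact": parts.path == ioc["path"] and parts.scheme == ioc["scheme"],
        })
    return hits


def digests(data: bytes) -> dict:
    """Compute md5/sha1/sha256 of data in the same shape as SAMPLE_HASHES."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256")}


def hash_match(data: bytes, known: dict) -> list:
    """Return the algorithms for which data's digest equals the known sample hash."""
    actual = digests(data)
    return [algo for algo, expected in known.items() if actual[algo] == expected.lower()]


if __name__ == "__main__":
    for hit in hunt_proxy_log(SAMPLE_LOG, C2_URL):
        label = "C2 URL" if hit["exact"] else "C2 host only"
        print(f'{hit["ts"]} {hit["src"]} {hit["method"]} {hit["url"]} -> {label}')
    # A constructed byte string will not match the real sample's hashes.
    print("matches for constructed data:", hash_match(b"not the sample", SAMPLE_HASHES))
```

When run against real proxy logs, the host-only hits are worth keeping: the report only fixes the path seen at analysis time, and a stealer's loader frequently rotates paths or ports while keeping the same IP.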

MITRE ATT&CK Enterprise v6

Tasks