General

  • Target

    d221d3fb8d39771f163a440c7f7bf72b3a9db66ae012e0c3d0143a126256de54

  • Size

    424KB

  • Sample

    230415-m9rptsfd6z

  • MD5

    9950feec180e9981d35fe2dd2241efdc

  • SHA1

    939ca7f9084b5a28790f56cec45ce5c2006f8ee0

  • SHA256

    d221d3fb8d39771f163a440c7f7bf72b3a9db66ae012e0c3d0143a126256de54

  • SHA512

    0181a6e3157e47e9a1f75853de96d1deafffe38c80231909e2870758ee4f071c784adcf0031a17a9c4f0f0fc2df32b2cb1159cd0056334c4d281466324dcf36f

  • SSDEEP

    6144:eiiG2fGlIFLkFZAq7OAMUjGu8eAIlgTkfiwe4:eF9GlIFQFZAqftlgQit4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
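
As an added worked example (not part of the sandbox report, and not code from the Rhadamanthys authors), the Python below turns the report's indicators, the file digests, the C2 URL and the "Accesses Microsoft Outlook profiles" behaviour, into checks that can be run against host and proxy telemetry. Only the digests and the C2 URL come from the page; the proxy log format, the log lines and the list of Outlook profile registry keys are constructed assumptions. The C2 path masquerades as a favicon fetch, so the detection keys on the host and destination IP rather than on file extension or content type.

```python
"""Match the IOCs from this Rhadamanthys report against host and proxy telemetry.

Added example, not part of the sandbox report. The digests and C2 URL are
copied from the report; the log format, log lines and registry key list are
constructed assumptions for illustration.
"""
import hashlib
import re
from urllib.parse import urlparse

# IOCs as listed in the report.
IOC_HASHES = {
    "md5": "9950feec180e9981d35fe2dd2241efdc",
    "sha1": "939ca7f9084b5a28790f56cec45ce5c2006f8ee0",
    "sha256": "d221d3fb8d39771f163a440c7f7bf72b3a9db66ae012e0c3d0143a126256de54",
    "sha512": "0181a6e3157e47e9a1f75853de96d1deafffe38c80231909e2870758ee4f071c784adcf0031a17a9c4f0f0fc2df32b2cb1159cd0056334c4d281466324dcf36f",
}
C2_URL = "http://179.43.142.201/img/favicon.png"
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_iocs(hashes=IOC_HASHES):
    """Reject copy/paste damage: each digest must be lowercase hex of its algorithm's length."""
    for algo, value in hashes.items():
        if len(value) != HEX_LEN[algo] or not re.fullmatch(r"[0-9a-f]+", value):
            raise ValueError(f"{algo} digest malformed: {value!r}")
    return True


def c2_indicators(url=C2_URL):
    """Split the C2 URL into the parts worth matching separately (host, path)."""
    p = urlparse(url)
    return {"host": p.hostname, "path": p.path, "url": url}


def matching_algorithms(data, hashes=IOC_HASHES):
    """Return the algorithms for which `data` hashes to one of the report's digests."""
    return sorted(a for a in hashes if getattr(hashlib, a)(data).hexdigest() == hashes[a])


# Constructed proxy log (not from the report): "src dst method url status content-type".
SAMPLE_PROXY_LOG = """\
10.0.0.5 179.43.142.201 GET http://179.43.142.201/img/favicon.png 200 image/png
10.0.0.5 93.184.216.34 GET http://example.com/favicon.ico 200 image/x-icon
10.0.0.7 179.43.142.201 POST http://179.43.142.201/img/favicon.png 200 application/octet-stream
10.0.0.9 151.101.1.69 GET https://www.python.org/static/favicon.ico 200 image/x-icon
"""
LOG_RE = re.compile(
    r"^(?P<src>\S+) (?P<dst>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d+) (?P<ctype>\S+)$"
)


def scan_proxy_log(text, c2=None):
    """Flag requests to the C2 host. Match on the URL host and the destination IP,
    not on the extension or content type: the C2 path looks like a favicon fetch,
    and the constructed log even shows a plausible image/png response."""
    c2 = c2 or c2_indicators()
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real pipeline would count these
        p = urlparse(m["url"])
        if p.hostname == c2["host"] or m["dst"] == c2["host"]:
            hits.append({"src": m["src"], "method": m["method"],
                         "exact_path": p.path == c2["path"]})
    return hits


# Assumed registry locations of Outlook profiles, to give the report's
# "Accesses Microsoft Outlook profiles" behaviour a concrete check; the
# report itself does not list which keys the sample touched.
OUTLOOK_PROFILE_KEYS = (
    r"HKCU\Software\Microsoft\Office\16.0\Outlook\Profiles",
    r"HKCU\Software\Microsoft\Office\15.0\Outlook\Profiles",
    r"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles",
)


def touches_outlook_profiles(reg_key):
    """True if a registry key path from an endpoint event lies under a profile root."""
    key = reg_key.replace("HKEY_CURRENT_USER", "HKCU").lower()
    return any(key.startswith(root.lower()) for root in OUTLOOK_PROFILE_KEYS)
```

The exact-hash checks only catch this one build; the SSDEEP value in the report is the indicator to use for near-identical repacks, but computing and comparing it needs the ssdeep library rather than the standard library, so it is left out here.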

MITRE ATT&CK Enterprise v6
