General

  • Target

    c90741a043ee54880a939009935f65d458437c3f25ef66d0388a1b8083aec99c

  • Size

    424KB

  • Sample

    230415-p87e1aeb48

  • MD5

    bc19b47e06fc27425839ca0346c78aef

  • SHA1

    423a177b539878ce4edced3e207dcdb95b392427

  • SHA256

    c90741a043ee54880a939009935f65d458437c3f25ef66d0388a1b8083aec99c

  • SHA512

    56d7a24efcf34883cec2ae32625109c9e65e0396d21de0b5530d455b10e9942ae4cd06e77f2162622d29148ce3e925710362ab9c35ea26cce80e05655529874d

  • SSDEEP

    6144:eCGCb/y/cQNqVy6G7++SsKtYYuzgU4pyJ5rqP6dmOvXwe4:eCx/y/c0qVy6GC5t5VyJ5qydfvXt4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles
