General

  • Target: e0e712f91cb159997cc85b98b14078b1344bc591a56edab6464e54bff9f8324f
  • Size: 424KB
  • Sample: 230415-q5fcsafg7v
  • MD5: be0ef2a8aa27379c64c67ada3d5a1773
  • SHA1: ea4b5852c0df0022e33fe82bc350a3e4b8ce94bb
  • SHA256: e0e712f91cb159997cc85b98b14078b1344bc591a56edab6464e54bff9f8324f
  • SHA512: a692e4fbb5f77b3a9235c861478ee199c4c347083b3ee1297279d66bce8873f114c11b3ee91e9b66aa806997d075848a0179d67361727aaa80fc452c3772febd
  • SSDEEP: 6144:YUpCMePzbFXXem8FDrFnXiGEjPn5Z/WvVXOr8ekYQoey4Zwe4:YUDkzblXe7FDxyNj7/SOXheLZt4

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks