General

  • Target: 82070ca5b95d293874a00f73b9e8e83b7482b0d87bf62b9ccbd64b6bc56e6956
  • Size: 424KB
  • Sample: 230415-tnrk9sef97
  • MD5: 98d4039322a1b7d171f23a28ee9857bb
  • SHA1: 79d134dd42bc79f9da4ce5a130749468fef75be2
  • SHA256: 82070ca5b95d293874a00f73b9e8e83b7482b0d87bf62b9ccbd64b6bc56e6956
  • SHA512: e57984da778e4f6ca88a8d5c5794c396ea389c2c43b5c81d4eb2fdf966e23c9a110eb3bd206a2c938ac9c5cdaf0a23b79b3f48b38dbfab4734bff986aca545ea
  • SSDEEP: 6144:c0pCM5MzOrxjUbSbYxzc9PxpsjZ7WqR5HYWdSUndh4we4:c0DezOljUbSbOg9PoNWUxBndh4t4

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks