General

  • Target

    cedea09dd4ba32091c16cb187e4291aa53a5e5580701b8706fb136a78b72edd9

  • Size

    424KB

  • Sample

    230415-ttrs8aeg49

  • MD5

    f7cb5d405f6785a1064662caef14c6c7

  • SHA1

    38b3b8be69a18c727958fb18b2c4e53b93105f84

  • SHA256

    cedea09dd4ba32091c16cb187e4291aa53a5e5580701b8706fb136a78b72edd9

  • SHA512

    62fa320ca229738d44d312b919fcadaa275fb0ffca74656a86d907ed9cddfaae7fe57de893c3647e61c53e207bc4737e846c4b2dbcf644255d89593b8870a638

  • SSDEEP

    6144:cmPMLsaiZtnp1alzReX7t6Qd+Omcoh5surPmwe4:cmkLsaiZtp1abecOPohWurPmt4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      cedea09dd4ba32091c16cb187e4291aa53a5e5580701b8706fb136a78b72edd9

    • Size

      424KB

    • MD5

      f7cb5d405f6785a1064662caef14c6c7

    • SHA1

      38b3b8be69a18c727958fb18b2c4e53b93105f84

    • SHA256

      cedea09dd4ba32091c16cb187e4291aa53a5e5580701b8706fb136a78b72edd9

    • SHA512

      62fa320ca229738d44d312b919fcadaa275fb0ffca74656a86d907ed9cddfaae7fe57de893c3647e61c53e207bc4737e846c4b2dbcf644255d89593b8870a638

    • SSDEEP

      6144:cmPMLsaiZtnp1alzReX7t6Qd+Omcoh5surPmwe4:cmkLsaiZtp1abecOPohWurPmt4

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks