General

  • Target

    7a4746c78d13d3bca5ff9f5f06a4d5c939744b85d23886efc80ddf2bb11943da

  • Size

    424KB

  • Sample

    230415-vq21fsgd71

  • MD5

    b2bd45f7dfd30e5ad4f03e9abf9776e6

  • SHA1

    af719465630b66bd6d748ec318a6c933f6f2f729

  • SHA256

    7a4746c78d13d3bca5ff9f5f06a4d5c939744b85d23886efc80ddf2bb11943da

  • SHA512

    bc33bb48fcd772d7bc2e8912e8561291e0f9b19419c42f265dd2dec205bc3fdaa910c553543124caa770c2a7b04f050bd4ebd775f067d0963da91dad30512f50

  • SSDEEP

    6144:URSqFMYmb7Y8u4UGxUOuC8Ww+qG9vJnHxdV4g/we4:UR/FMYmb7Y8lxUOuz+L9HF/t4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks