General

  • Target

    33016858dda6e636c7d3055af1a9249951fe38166435592c44d939578c4f6a3a

  • Size

    424KB

  • Sample

    230415-w5jm4afb48

  • MD5

    7f4ef4c6b2189d39edf1b8913487e7e8

  • SHA1

    c0c0b4a1374d3725b52f1a1eb5a124dd7376203d

  • SHA256

    33016858dda6e636c7d3055af1a9249951fe38166435592c44d939578c4f6a3a

  • SHA512

    85009beb355246c534e2523516c0e90ef6cc9f6994901e9cb8ed9ec785bceec565e16e52033ca4e7a9e230b72f48347f51c7eaaf3d5bd9b094b6370e6c944ed3

  • SSDEEP

    6144:LRP2rMsCKHkHUZ3QE5wVF3ASZTctN0TCIYHkmwe4:LROrMsCKHiUZ3557SitN+mt4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks