General

  • Target

    66bcf45409819e0225f46a4942eb292fe0eec705fe467863642220744ab00bb6

  • Size

    425KB

  • Sample

    230415-x97fdsfd42

  • MD5

    256c3daef254f79543df43c8121d9e26

  • SHA1

    4325d201936cc045d8d6ce29a14327fcc54b468f

  • SHA256

    66bcf45409819e0225f46a4942eb292fe0eec705fe467863642220744ab00bb6

  • SHA512

    1c4ec92a261b6b7552fc8f49ad78c7be94e7f608ac2022fa477c07177cd972024257a6365740a00a0400170fad942a1dc01cf6e659d1ce2487276f151ed02147

  • SSDEEP

    6144:WdKGhOmzEdCVhSgZjJjSUoPAzK46tDZZXFOh3Vnwe4:WdHhOmzEdCVhSgfmUo4m46vfOZVnt4

Malware Config

Extracted

  • Family

    rhadamanthys

  • C2

    http://179.43.142.201/img/favicon.png

Targets

    • Target

      66bcf45409819e0225f46a4942eb292fe0eec705fe467863642220744ab00bb6

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
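The indicators above are a fixed set of file hashes plus one C2 URL extracted from the sample's configuration. The following is an added example, not part of the report or of any sandbox tooling, that turns them into two checks an analyst typically runs after reading such a page: hashing a file with the same four digests the report lists and comparing them, and scanning proxy log lines for requests to the C2 host. The log lines and the `not the sample` byte string are constructed for the example; the log format (timestamp, client, method, URL, status) is an assumption, as is the choice to flag any request to the C2 host rather than only the exact favicon path.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Indicators as listed on the report page: the sample's own digests and the
# C2 URL from the extracted Rhadamanthys config.
IOC_HASHES = {
    "md5": "256c3daef254f79543df43c8121d9e26",
    "sha1": "4325d201936cc045d8d6ce29a14327fcc54b468f",
    "sha256": "66bcf45409819e0225f46a4942eb292fe0eec705fe467863642220744ab00bb6",
    "sha512": "1c4ec92a261b6b7552fc8f49ad78c7be94e7f608ac2022fa477c07177cd972024"
              "257a6365740a00a0400170fad942a1dc01cf6e659d1ce2487276f151ed02147",
}
C2_URL = "http://179.43.142.201/img/favicon.png"
C2_HOST = urlsplit(C2_URL).hostname   # "179.43.142.201"
C2_PATH = urlsplit(C2_URL).path       # "/img/favicon.png"


def hash_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists (lower-case hex) for a blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC_HASHES}


def hash_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same digests for a file on disk, streamed so large files are fine."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk)
            if not block:
                break
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matched_hashes(digests: dict) -> list:
    """Names of the digests whose value equals the report's value."""
    return [name for name, value in digests.items()
            if IOC_HASHES.get(name) == value.lower()]


# Pull any http(s) URL out of a log line; the surrounding format is an
# assumption for this example, so the regex does not depend on it.
URL_RE = re.compile(r"https?://[^\s\"']+")


def c2_hits(log_lines) -> list:
    """Return (line_no, url, exact_path) for every request to the C2 host.

    Matching is on the host, with the full favicon path reported separately:
    the path looks like a benign static asset and the operator can change it
    without changing the server, so a host hit is worth seeing even when the
    path differs.
    """
    hits = []
    for n, line in enumerate(log_lines, 1):
        for url in URL_RE.findall(line):
            parts = urlsplit(url)
            if parts.hostname == C2_HOST:
                hits.append((n, url, parts.path == C2_PATH))
    return hits


# Constructed proxy log lines for the example (not real traffic):
# timestamp, client IP, method, URL, HTTP status.
SAMPLE_PROXY_LOG = [
    "2023-01-01T10:01:02Z 10.0.0.5 GET https://www.example.com/ 200",
    "2023-01-01T10:01:09Z 10.0.0.5 GET http://179.43.142.201/img/favicon.png 200",
    "2023-01-01T10:02:30Z 10.0.0.7 GET http://179.43.142.201/img/logo.png 404",
    "2023-01-01T10:03:00Z 10.0.0.8 GET https://cdn.example.net/img/favicon.png 200",
]

if __name__ == "__main__":
    print("constructed blob matches:", matched_hashes(hash_bytes(b"not the sample")))
    for n, url, exact in c2_hits(SAMPLE_PROXY_LOG):
        print(f"line {n}: {url} ({'exact C2 URL' if exact else 'C2 host only'})")
```

The SSDEEP value on the page is deliberately left out of the hash check: exact digests only catch this one build, and a fuzzy-hash comparison (which needs the `ssdeep` library rather than the standard library) is what you would use to find repacked siblings of the sample.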
