General

  • Target

    e90b966980543f422dbee87da402b0fd5b1e2a744ad49b89e293b588d2fb1545

  • Size

    424KB

  • Sample

    230415-yzajcafe87

  • MD5

    1af6229f3d5d95510deeb9ac7677ef64

  • SHA1

    ced23ffb956d89ca07bcf425fe3a8f900f08ebd2

  • SHA256

    e90b966980543f422dbee87da402b0fd5b1e2a744ad49b89e293b588d2fb1545

  • SHA512

    e13dd65ab66c8863fb2ea23334923170bfb4a8bd1fe48fc86760d6eecc850f9e5c72bd22895f24e65cabd2bca16c4028145dc80bd1bcbf7047ee16ddd2944559

  • SSDEEP

    6144:rcymWROhrijJjiDqKCXBdJxPx+iAJwUGLs6C2Mjb/+Twe4:rcnWROhriljiOKaB3xqJMJC2MjaTt4

Malware Config

Extracted

  • Family

    rhadamanthys

  • C2

    http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles
