General

  • Target

    568d9616bd3f0b645343b4fd3af5430efe863d7da9986fa91f654c554657bce7

  • Size

    419KB

  • Sample

    230416-g4krfaag71

  • MD5

    c85ba15d48c5a7a290ea394df086c853

  • SHA1

    2ce6869e738c9cf66653c182494636c3a590d054

  • SHA256

    568d9616bd3f0b645343b4fd3af5430efe863d7da9986fa91f654c554657bce7

  • SHA512

    36bd3370169b2a12b32f47c51e8b79e884999aa48901259217f0fa76ac4626f765721e999c9c16cbfd93c3fe0fe2d4f6655d5a785121d786eafb88e1c2f7fce4

  • SSDEEP

    6144:N2auMtE/WeVi5fqiAtEnSDomQb/0q+PjbdjiZW4h/cNbe4:N2LMuHVi5fqhtSSDomQQzPjos2cNq4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks