General

  • Target: 8892ef93cc4f1251745347eec7449fa445e88e3cf1a96e18a0e457cd2067cd52
  • Size: 419KB
  • Sample: 230416-hffy1sah3t
  • MD5: 90157449149bf3cad718f0b63f2317f3
  • SHA1: 012f344a4311ea599744cbd592ff40a8513616fe
  • SHA256: 8892ef93cc4f1251745347eec7449fa445e88e3cf1a96e18a0e457cd2067cd52
  • SHA512: 6b3d844480b99984800400401e1afb83dd0efa3cb3406b1d59ca3f3774a1120fa4c43100e2d66c141a3b2f848fe5992adada6781617193bb9d173083f44212b0
  • SSDEEP: 6144:ytr+ovQYKYDqezZ05AtYk5Ys9jUnpujQUy7RuQ9zLSe:ytqoIQDqezZ0Ct919jUpujQUy7RX9PS

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Target: 8892ef93cc4f1251745347eec7449fa445e88e3cf1a96e18a0e457cd2067cd52
    • Size: 419KB
    • MD5: 90157449149bf3cad718f0b63f2317f3
    • SHA1: 012f344a4311ea599744cbd592ff40a8513616fe
    • SHA256: 8892ef93cc4f1251745347eec7449fa445e88e3cf1a96e18a0e457cd2067cd52
    • SHA512: 6b3d844480b99984800400401e1afb83dd0efa3cb3406b1d59ca3f3774a1120fa4c43100e2d66c141a3b2f848fe5992adada6781617193bb9d173083f44212b0
    • SSDEEP: 6144:ytr+ovQYKYDqezZ05AtYk5Ys9jUnpujQUy7RuQ9zLSe:ytqoIQDqezZ0Ct919jUpujQUy7RX9PS

    Signatures

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks