General

  • Target

    27751f8824b502af36f63463affe7a686156eb8d979c0f4d0a90e49938ab1cc3

  • Size

    420KB

  • Sample

    230416-khbs7abb7y

  • MD5

    5af08f4356b63d0c42463db218469145

  • SHA1

    775412ba33744056d3f98118f46740beaaa6111c

  • SHA256

    27751f8824b502af36f63463affe7a686156eb8d979c0f4d0a90e49938ab1cc3

  • SHA512

    e39eed8e5162c161548d74f7d5bb6a44d4ee7ae33e16eb93ab6b12b510cf1f3ce1c71729f7d3fced2f02ae69a321c18db5d51e13bfad1670825f9fba950857a4

  • SSDEEP

    6144:xJ/zmDrxUfMfgJaCeQnhgGzWSNBiQ+5dhHc0wGzU8GFwmR:xJrm/OMfgJaDQWGBNBU341wm

Malware Config

Extracted

  • Family

    rhadamanthys

  • C2

    http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks