General

  • Target: dc40df8ce62ea7db5eb023b523dfc987645557e69d4b359ef80df36f200d599c
  • Size: 424KB
  • Sample: 230418-2p4afsge9z
  • MD5: f9916f55a46a20c8510b200e234ba773
  • SHA1: 9a23bd0f39833053746b27d8f2a03eeba3b2f57d
  • SHA256: dc40df8ce62ea7db5eb023b523dfc987645557e69d4b359ef80df36f200d599c
  • SHA512: c50757b3ceb70ca8e429ddc73f91e12eb17830b6b46ebe7e09a7516df863cd75c9d38309ca27bf296d5cb8a508fb360fd44ea911d976aa703e98bddc24439de6
  • SSDEEP: 6144:RdPOqD+awlv1QLShpF6Pv6EOMiNi3S1gx3KKqqs/QTTEhFzReqRIv:RdxDev1QLYj63Olvubqqs/QvIpgqCv

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks