General

  • Target

    setup.exe

  • Size

    424KB

  • Sample

    230419-blm6ysfd62

  • MD5

    d8bca64c81e628b416c5e99e57561664

  • SHA1

    a8c69936126344413837595f8d71d861cce221a6

  • SHA256

    3da7899a97dcce17b1625b2193f870f8f568b39fe520adbde6f61f7e63f5c0ae

  • SHA512

    8b0d9a5faad5dd08441ed81b7c908b0fef82eea205a93c3ca41d2bc2cbd7eef19dc04e788005e6dec491e2050209fd9d3295523ae12efc5507889f26a2177147

  • SSDEEP

    6144:uJw69lf7YLckt0tIetvwF6LiqpSPO/2t1imYEBLePwKT2fqxwkIv:uJnlDY1t8Ie9a6FpSBd5eIKHWfv

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      setup.exe

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks