General
-
Target
setup.exe
-
Size
424KB
-
Sample
230419-bms4lafd65
-
MD5
216277e82f9eefaa3f01f6e941d86edf
-
SHA1
3667fd08ac1afbf3fefda60315fb9b6c4bbc9c25
-
SHA256
000927343397bd9ae9b8520a13d1915cf029e7bb5b2217bf42d7240dddbbb203
-
SHA512
095ca03f0c5e156e1c640ed505c35cdd581da7c51c8825950c6f152ad0760e83e670ae184af979a1bca947711cb08d30d39e15f289d6de109670e0f1e7ed8354
-
SSDEEP
6144:oE+7+CiPfzR4uJmYIN3jNjH5OFXUi9vafi6xs2A8W69shIv:oE5jjR4uJ1INTNj5YXVQf/N9sSv
Static task
static1
Behavioral task
behavioral1
Sample
setup.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
setup.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
-
-
Target
setup.exe
Score
10/10
-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
-
Accesses Microsoft Outlook profiles
-