General

  • Target

    5958900c655ce9939bef469628ed1b2510b406d8b0db7b9f5930f3b9bba3c60c

  • Size

    424KB

  • Sample

    230419-e47vvsaa7y

  • MD5

    22f07c3bef1b89c7c875260846dcba42

  • SHA1

    5cab5a992030be5748a99cce2af10f1c5da0e15d

  • SHA256

    5958900c655ce9939bef469628ed1b2510b406d8b0db7b9f5930f3b9bba3c60c

  • SHA512

    ab0535561041f82897b5c79523675837618e7fced82cb98c53dc702953de19beaa9be36b06f1ef9620df4e89f795a887323cf0b09cf0e218a93ab69a2b0e3f9d

  • SSDEEP

    6144:pTw7FlIAEocoOc/FkLNcX5s6RZg+TddzwtvIG+pPm6Iq2cqYkR3k/dIv:pTIlrEOOyFkpY59TOB+0q2cPkR3k/Ov

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      5958900c655ce9939bef469628ed1b2510b406d8b0db7b9f5930f3b9bba3c60c

    • Size

      424KB

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles
