General

  • Target: a865ff24fa16c3e701d9b08ca7309793cb1980eefde88a31e94454c74da90d20
  • Size: 298KB
  • Sample: 230419-l3wjrshg79
  • MD5: 1443c5bbc58a9283df31c026ec145fe8
  • SHA1: 0461d42ac46ab778e2b64da3470b5421cef258b4
  • SHA256: a865ff24fa16c3e701d9b08ca7309793cb1980eefde88a31e94454c74da90d20
  • SHA512: 764d69cb407d7d7cab8ae7bc417df4dfee3465de6fbc29cc311b94e45b1558c147049fff448b8a9bb6a4a164f510105c69d293d358f9b2b89da6aeb26ada242a
  • SSDEEP: 6144:iVTNZjb3B9MSZhuvEknYw4k7kYmlYPDWJ4:i3133M4DknYw0W

Malware Config

Extracted

Family: rhadamanthys

C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks