General

  • Target

    cc.exe

  • Size

    297KB

  • Sample

    230419-ldd87ahf32

  • MD5

    13f5cf4add70ef94cfc51508e2c618d3

  • SHA1

    ac1f705b7d6bb55b8f7ba7c9d236362db5abc162

  • SHA256

    a2fa00ab0203eefb3229cc6afdcc4a5a34e6501bc5d64cab6b022a63e48852f1

  • SHA512

    d9e9d41c5ee4d5393628e927cf35b0ee2cac780607a4a2bc0dd1914aa5fb49d35dd21968d389d73eefc3dc162cdcc27ecba8c23499420a217ff77c00e6221078

  • SSDEEP

    6144:daRxPJp7aDsBApMLQ8zkcVFzQzsNDYC5Gsa3ZSBIjmYPDWJ:iJJp7RiDqVFBNcCM3gB

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      cc.exe

    • Size

      297KB

    • MD5

      13f5cf4add70ef94cfc51508e2c618d3

    • SHA1

      ac1f705b7d6bb55b8f7ba7c9d236362db5abc162

    • SHA256

      a2fa00ab0203eefb3229cc6afdcc4a5a34e6501bc5d64cab6b022a63e48852f1

    • SHA512

      d9e9d41c5ee4d5393628e927cf35b0ee2cac780607a4a2bc0dd1914aa5fb49d35dd21968d389d73eefc3dc162cdcc27ecba8c23499420a217ff77c00e6221078

    • SSDEEP

      6144:daRxPJp7aDsBApMLQ8zkcVFzQzsNDYC5Gsa3ZSBIjmYPDWJ:iJJp7RiDqVFBNcCM3gB

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks