General
Target: cc.exe
Size: 297KB
Sample: 230419-ldd87ahf32
MD5: 13f5cf4add70ef94cfc51508e2c618d3
SHA1: ac1f705b7d6bb55b8f7ba7c9d236362db5abc162
SHA256: a2fa00ab0203eefb3229cc6afdcc4a5a34e6501bc5d64cab6b022a63e48852f1
SHA512: d9e9d41c5ee4d5393628e927cf35b0ee2cac780607a4a2bc0dd1914aa5fb49d35dd21968d389d73eefc3dc162cdcc27ecba8c23499420a217ff77c00e6221078
SSDEEP: 6144:daRxPJp7aDsBApMLQ8zkcVFzQzsNDYC5Gsa3ZSBIjmYPDWJ:iJJp7RiDqVFBNcCM3gB
Static task: static1
Behavioral task: behavioral1 (Sample: cc.exe, Resource: win7-20230220-en)
Behavioral task: behavioral2 (Sample: cc.exe, Resource: win10v2004-20230220-en)
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
Target: cc.exe
Score: 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys: Rhadamanthys is an info stealer written in C++, first seen in August 2022.
Accesses Microsoft Outlook profiles