General

  • Target

    4db45dd088c5399bba9a0a89aa5cfad1a11bf57c0e7a870d76e84000cc025af1

  • Size

    298KB

  • Sample

    230419-nfqfcabh8x

  • MD5

    2da57ef6b403fc6698ff7b95a9ce9362

  • SHA1

    7218e330e5ed923dce0575673fe51c67727b2699

  • SHA256

    4db45dd088c5399bba9a0a89aa5cfad1a11bf57c0e7a870d76e84000cc025af1

  • SHA512

    e6330a5ca330ad065ce7766bff79427d16b9eb7903ba694b24bb6b87b08d498e429e65c201c53f12447fdfc572e7986972c4211518646abcc3c39b45e2f58a1e

  • SSDEEP

    6144:TR9dkPnr96XT/taFvSxC6szUttiCYPDWJB:vGPnrAT4HPzqd

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      4db45dd088c5399bba9a0a89aa5cfad1a11bf57c0e7a870d76e84000cc025af1

    • Size

      298KB

    • MD5

      2da57ef6b403fc6698ff7b95a9ce9362

    • SHA1

      7218e330e5ed923dce0575673fe51c67727b2699

    • SHA256

      4db45dd088c5399bba9a0a89aa5cfad1a11bf57c0e7a870d76e84000cc025af1

    • SHA512

      e6330a5ca330ad065ce7766bff79427d16b9eb7903ba694b24bb6b87b08d498e429e65c201c53f12447fdfc572e7986972c4211518646abcc3c39b45e2f58a1e

    • SSDEEP

      6144:TR9dkPnr96XT/taFvSxC6szUttiCYPDWJB:vGPnrAT4HPzqd

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks