General

  • Target

    36601688fcde514f553ce2efbaa354b6f954e675f048597b39a76e5ac3815971

  • Size

    298KB

  • Sample

    230419-p3112aae93

  • MD5

    5c8fa6bf88bff26d5a405f76c1d5b2d4

  • SHA1

    f3b354c7bd765d93ee390a8cc96de7e9d53a57a9

  • SHA256

    36601688fcde514f553ce2efbaa354b6f954e675f048597b39a76e5ac3815971

  • SHA512

    5af8377cb36013d37b3958de6e0dd4969708996b9bc9f8f93bd5df8b529d314507c292e7b336315c9abc123230efec930b80bd7b0c618b437d8b55b9e2af66d5

  • SSDEEP

    6144:dAXgaiMwAfbooSMcjeVKq8F7+qaxQqetjk4cFyoYPDWJ:6RBDlAZ97/4EkBy

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles
