General

  • Target

    c65dd2ce36142437e478ed59842794c0e47b5ce74f27d05d4879b9447e5e2ea5

  • Size

    297KB

  • Sample

    230419-pcby8acb9x

  • MD5

    158e067c258ec68bec70b5cdbff96311

  • SHA1

    584abde9d32bcbd6730142d9027cdd290947ee71

  • SHA256

    c65dd2ce36142437e478ed59842794c0e47b5ce74f27d05d4879b9447e5e2ea5

  • SHA512

    ee3b171d69ae2965047d5383cc1f571d9868395dc5ff81cb69a6d713281b2e35b6abd9f661ac39a994136cc2e8e5cab7b3f9e9b3dc15dfa13909f1e3ce01ed8a

  • SSDEEP

    6144:DXahF3ESXwN4zBsmiRhJYJRV+Ad/zxkMUmwYPDWJ4:mhF3Eh464/V+4

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      c65dd2ce36142437e478ed59842794c0e47b5ce74f27d05d4879b9447e5e2ea5

    • Size

      297KB

    • MD5

      158e067c258ec68bec70b5cdbff96311

    • SHA1

      584abde9d32bcbd6730142d9027cdd290947ee71

    • SHA256

      c65dd2ce36142437e478ed59842794c0e47b5ce74f27d05d4879b9447e5e2ea5

    • SHA512

      ee3b171d69ae2965047d5383cc1f571d9868395dc5ff81cb69a6d713281b2e35b6abd9f661ac39a994136cc2e8e5cab7b3f9e9b3dc15dfa13909f1e3ce01ed8a

    • SSDEEP

      6144:DXahF3ESXwN4zBsmiRhJYJRV+Ad/zxkMUmwYPDWJ4:mhF3Eh464/V+4

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks