General
Target: file.exe
Size: 298KB
Sample: 230419-red8gaah82
MD5: 5c8fa6bf88bff26d5a405f76c1d5b2d4
SHA1: f3b354c7bd765d93ee390a8cc96de7e9d53a57a9
SHA256: 36601688fcde514f553ce2efbaa354b6f954e675f048597b39a76e5ac3815971
SHA512: 5af8377cb36013d37b3958de6e0dd4969708996b9bc9f8f93bd5df8b529d314507c292e7b336315c9abc123230efec930b80bd7b0c618b437d8b55b9e2af66d5
SSDEEP: 6144:dAXgaiMwAfbooSMcjeVKq8F7+qaxQqetjk4cFyoYPDWJ:6RBDlAZ97/4EkBy
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
Target: file.exe
Score: 10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.
Accesses Microsoft Outlook profiles