General

  • Target

    b8fe0a4de08b6c3c918f2074941ff4b6d2950ab0e83669f6ce57f12bbab24cf6

  • Size

    298KB

  • Sample

    230419-rg4wxaba28

  • MD5

    e2946fa694f40ec514e773739a088cea

  • SHA1

    44eb5b568f634fe97ed5865ce3e865f819da2749

  • SHA256

    b8fe0a4de08b6c3c918f2074941ff4b6d2950ab0e83669f6ce57f12bbab24cf6

  • SHA512

    3325621818f5aa6472300ff287e20fe4d18c45ad5c924ceddea77e7c80006f7d6e5a82df79671a9e2334edda66dcff35d825ea62da0b9df183e55ac936974794

  • SSDEEP

    6144:qbHOQAkDFUgf7uN2uPqJmW36XmgiTYPDWJ:gOQP0Pq/6

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks