General

  • Target: 7e5679bb9b9eba5fa9bd99d874ddabe70d4eab0495c4fcaec1433902b3958d6d
  • Size: 298KB
  • Sample: 230419-stmc3adc5s
  • MD5: 7bbd2b2924c5cc4ba8bdc028f6fb3e7e
  • SHA1: 416ebb70642b9e7bc4e156511e885c31af5befd1
  • SHA256: 7e5679bb9b9eba5fa9bd99d874ddabe70d4eab0495c4fcaec1433902b3958d6d
  • SHA512: 66066663ac1c32ebcaec1a8a1da64b975482bc5e918ebb180d11445cea7645476cc8f1267b5b8370bf6807d65883eb3071c90e274457ca75d2b5131e3c51aa0d
  • SSDEEP: 3072:6+f2aPU5X65rhAEIrj6JCDWqhHYQA0axwhaTQeRqntPSIBuKJa5tSrvVaz1wYPDw:Dk5fjLD9pFM58NSJA/YPDWJ

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets


    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks