General
Target
629c3efea4c90a25c438c9d244f66a1de834bd72b5d04db8c9a8e1b16262b4f1
Size
297KB
Sample
230419-tf61zsde6v
MD5
cf62868d0fee1310262d769deba482b7
SHA1
d53dd43610bbc5bb89c87aafd15f92373536ab06
SHA256
629c3efea4c90a25c438c9d244f66a1de834bd72b5d04db8c9a8e1b16262b4f1
SHA512
b487bdefdb517638902d3cd7cfdf64b2c92fa151304cdfa84e5a0185c0e067e6339b4d7027ff003a9650f3871b22d56a5dac3750d4c9b6bf8e83cd52ad3f78a1
SSDEEP
3072:IbunJmzNjsGs/kEAbMQuyPjhahGbNal2TCI+AJNjchM1jndZ4kgnU5r+wYPDpJKP:CQ6jj/bdLacEl21+A8i1pmRGHYPDWJ
Static task
static1
Behavioral task
behavioral1
Sample
629c3efea4c90a25c438c9d244f66a1de834bd72b5d04db8c9a8e1b16262b4f1.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
Score
10/10
Detect rhadamanthys stealer shellcode
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
Accesses Microsoft Outlook profiles