General

  • Target: 47e0ecf4d955231efd5c233cc26dbaa5fc823ebf3641172b3bb2ea2fcdebad87

  • Size: 297KB

  • Sample: 230419-xhm8facg55

  • MD5: 83e72fdb1b037306c73731ae64ac55d7

  • SHA1: 2289dbe42c6980e39d12029f159e913b9dd2646c

  • SHA256: 47e0ecf4d955231efd5c233cc26dbaa5fc823ebf3641172b3bb2ea2fcdebad87

  • SHA512: 92162d7f18af33cd1b16f64768bd0cea54f70e4b245c43d2a88906c099b5c07042fc2bb0af234b9843bbc2cb4b48b14112a806263d5ad8ce8cfd74c9d02afe11

  • SSDEEP: 3072:I1L3EwjPVuto09rGBrp3MDOIvF7YTG4mF3RePfPd0NYWrOa8YgId9b/d5LTSjwYD:0jfVuthw5IiTG3E/dRLYHTzYPDWJG

Malware Config

Extracted

  • Family: rhadamanthys

  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Target: 47e0ecf4d955231efd5c233cc26dbaa5fc823ebf3641172b3bb2ea2fcdebad87

    • Size: 297KB

    • MD5: 83e72fdb1b037306c73731ae64ac55d7

    • SHA1: 2289dbe42c6980e39d12029f159e913b9dd2646c

    • SHA256: 47e0ecf4d955231efd5c233cc26dbaa5fc823ebf3641172b3bb2ea2fcdebad87

    • SHA512: 92162d7f18af33cd1b16f64768bd0cea54f70e4b245c43d2a88906c099b5c07042fc2bb0af234b9843bbc2cb4b48b14112a806263d5ad8ce8cfd74c9d02afe11

    • SSDEEP: 3072:I1L3EwjPVuto09rGBrp3MDOIvF7YTG4mF3RePfPd0NYWrOa8YgId9b/d5LTSjwYD:0jfVuthw5IiTG3E/dRLYHTzYPDWJG

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks