General

  • Target: f187497ccd97211fbe002c3708ca754ed3346c63d56204210d190836aa3c5c23
  • Size: 298KB
  • Sample: 230419-ydt1vsda65
  • MD5: 7499dd88daf9fc7fa6df7c0738333a20
  • SHA1: 4a4a48dff3d47318c7b2230e33a0afb835045bb1
  • SHA256: f187497ccd97211fbe002c3708ca754ed3346c63d56204210d190836aa3c5c23
  • SHA512: 1c1ace206b6e21429fdeb39e55fd0bd9251e2678272345752b9169b2c3ad5e853bf7e9c8e040307598d87b6f280e2956eb7b7e7fa343aa3fe9398c7aa4ee32ab
  • SSDEEP: 6144:u1Z/YMvspnU4eZCm08FKl2wDOj+gq98PvsBIg4/ve:u/Y1nU4eZi/lXOY6Pmm

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys: Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks