General

Target: setup.exe
Size: 298KB
Sample: 230420-axyamaec96
MD5: df16d5e9904bbaff20a19abc2649cde9
SHA1: 9a9b44f7ac4b5ec6a31faa61444e906ef47e8467
SHA256: 411ae76fa21378768d5038fa423837cf9909e5f91fa15e04e9a1c4a364b5b3a7
SHA512: 67335a822f25e5f87c9ed03f3945dc92ee8cdf06326a60cfa9083b16c4ec9d8721731dcf145e281b02c7e4a252fb2e2bd9a785286164bade0b4c0d02c808dc9c
SSDEEP: 6144:AiUlFQB0QCCJuve4fOQH+5abvsc74Rzxhl0asJg4/ve3:AFFBYx4fvKcEJa

Static task: static1

Behavioral task: behavioral1
Sample: setup.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: setup.exe
Resource: win10v2004-20230221-en

Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
Target: setup.exe
Score: 10/10

Detect rhadamanthys stealer shellcode

Rhadamanthys
Rhadamanthys is an info stealer written in C++ first seen in August 2022.

Accesses Microsoft Outlook profiles