General
-
Target
60de8bdb2a6664035303aa070639569e.bin
-
Size
276KB
-
Sample
230420-bp638sgf2y
-
MD5
f8a6d28d751d599f635ee99ae9ad2e96
-
SHA1
a73a7e385353080bec32b3df8e687d9d32b8282b
-
SHA256
bf79c70e729869008ea1de45c2b7e4a997d7407a4325dc15fb004722d9f7383b
-
SHA512
405206ed3412e82a4aa482503e8be4dbb1690fc604384062c307388c7e7dd00611cf6010503607ebcc2c0ab6ebe7fc9539e6dff59e60a3ad89ff7b51595e8b6e
-
SSDEEP
6144:9vvjXypXB3vfToCPmnMXDGboLTK5KUXGnjr4ppDcWmkkf:Qpx/f0M2n59XGnjrUhe
Static task
static1
Behavioral task
behavioral1
Sample
9e28586ab70b1abdccfe087d81e326a0703f75e9551ced187d37c51130ad02f5.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
9e28586ab70b1abdccfe087d81e326a0703f75e9551ced187d37c51130ad02f5.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
-
Target
9e28586ab70b1abdccfe087d81e326a0703f75e9551ced187d37c51130ad02f5.exe
-
Size
423KB
-
MD5
60de8bdb2a6664035303aa070639569e
-
SHA1
3579d2cc4d9ef28953a62ffecd331f955e7bf783
-
SHA256
9e28586ab70b1abdccfe087d81e326a0703f75e9551ced187d37c51130ad02f5
-
SHA512
bb6e262f10b3bad04d16857ba949f9a4acb468808ff8e19a6344521ec4e5e7ef993bfb931f7e2d731a3db2383720f0c533d027ab712959595bbb0fa2f9cebda8
-
SSDEEP
6144:wRZY1s8KffUHDK9AbETusTTFW2hv00deZb63IXDnDD2LAMIv:wfcsbfeDKzTHTFxcdtdze0nv
Score
10/10
-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
-
Accesses Microsoft Outlook profiles
-