General

  • Target: 867c9fa7482b28fcd6cb56b2cd7eff2ca1478cb287078127352719a58f24a7d6
  • Size: 298KB
  • Sample: 230420-bxzdcsgf7y
  • MD5: de9c8fdf6c6aff41c6f948fa2559ee66
  • SHA1: 688665b0a484fba2312ef4a30a8d81ed5ea2da18
  • SHA256: 867c9fa7482b28fcd6cb56b2cd7eff2ca1478cb287078127352719a58f24a7d6
  • SHA512: 2dd7a1ea9f069e4dd9ed538816e618cf4ebcbd42164d80d2da55b947759900e76e9271bd25a93578b2373f5e33f03fb0cdedf9433eb647ac8a5e04a14fceaf20
  • SSDEEP: 6144:92M8esmZt8vnOlliAEsdkOjshjgUEai2cPGB8g4/ve3:98esmH8vnigsmOjYJEC0R

Malware Config (extracted)

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: an information stealer written in C++, first seen in August 2022.
    • Accesses Microsoft Outlook profiles
