General

  • Target

    d05570291475e833f9dc18337453eab0ea21ea8dd75aa72e6c03ff349da36bb7

  • Size

    298KB

  • Sample

    230420-e2977sfe57

  • MD5

    148b79fb1fd5b1c4d656bc29a4be6e9d

  • SHA1

    e6750e7286b54379aabbc4a3200c83aa6d9164d1

  • SHA256

    d05570291475e833f9dc18337453eab0ea21ea8dd75aa72e6c03ff349da36bb7

  • SHA512

    9ab32763300bdfe2c9cd304b668b9fa5023c107a957b24b9d6eb90bd4abf148b3c16d036ef4819d5e33f91cab26f3da1bbf1c37990319d58a3ee873947a1f2d6

  • SSDEEP

    3072:O8EJLNZwDOrQJ1X3UAhd30Nm1K7H8NP5JC1AbcUS80sYzd0+Z5fWjk4/oweZL:TGwamXEATkc1EH2O80sYzVWg4/ve

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks