General
-
Target
ca2b5bedfdd874edb9db1054ccbcea3f32e686a965e0fb8621ced34cceba11cb
-
Size
422KB
-
Sample
230420-hn8n1aab71
-
MD5
4df5e38846455229a81b472226a80006
-
SHA1
b92ec189094512f573dfe22eebaab52614fa21dc
-
SHA256
ca2b5bedfdd874edb9db1054ccbcea3f32e686a965e0fb8621ced34cceba11cb
-
SHA512
d079362a907495054f4f5b1cdc53f2859fde88a3cd0df4fa639df43085d55229ce78862ce6e1fc08acae9c80db6ea317b8c08afb289b21759340096b44770096
-
SSDEEP
12288:gEXIxCC+SmrxJom2cLMAlYiGgevzvQW4Fb:gMIxIymnL3lBUQb
Static task
static1
Behavioral task
behavioral1
Sample
ca2b5bedfdd874edb9db1054ccbcea3f32e686a965e0fb8621ced34cceba11cb.exe
Resource
win10-20230220-en
Malware Config
Extracted
rhadamanthys
http://179.43.142.201/img/favicon.png
Targets
Target
ca2b5bedfdd874edb9db1054ccbcea3f32e686a965e0fb8621ced34cceba11cb
-
Score
10/10
-
Detect rhadamanthys stealer shellcode
-
Rhadamanthys
Rhadamanthys is an info stealer written in C++, first seen in August 2022.
-
Accesses Microsoft Outlook profiles
-