General

  • Target: ca2b5bedfdd874edb9db1054ccbcea3f32e686a965e0fb8621ced34cceba11cb
  • Size: 422KB
  • Sample: 230420-hn8n1aab71
  • MD5: 4df5e38846455229a81b472226a80006
  • SHA1: b92ec189094512f573dfe22eebaab52614fa21dc
  • SHA256: ca2b5bedfdd874edb9db1054ccbcea3f32e686a965e0fb8621ced34cceba11cb
  • SHA512: d079362a907495054f4f5b1cdc53f2859fde88a3cd0df4fa639df43085d55229ce78862ce6e1fc08acae9c80db6ea317b8c08afb289b21759340096b44770096
  • SSDEEP: 12288:gEXIxCC+SmrxJom2cLMAlYiGgevzvQW4Fb:gMIxIymnL3lBUQb

Malware Config

Extracted

  • Family: rhadamanthys
  • C2: http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode
    • Rhadamanthys: Rhadamanthys is an info stealer written in C++ first seen in August 2022.
    • Accesses Microsoft Outlook profiles
