General

  • Target

    e7753b6d1cf9b7430d692173edecc628923d116d4da9070ad6afecd7e1e40b73

  • Size

    425KB

  • Sample

    230420-pqay3shg93

  • MD5

    b95cc443a27173e35e28954ce36a5f8a

  • SHA1

    0a98b96a2989ff7772328573224dbf6aef83da1a

  • SHA256

    e7753b6d1cf9b7430d692173edecc628923d116d4da9070ad6afecd7e1e40b73

  • SHA512

    3b5fcc86286eb6ac298031ebec3a3dba3f258159b98ca65b4fc4ed3a97f41b9c03aad529909fe74bc0bfdc75f1bb16bdf9772f7908a5fc4fa7708c86cdb929e3

  • SSDEEP

    6144:SmcqdC6dZtqoARHXpe1qd6NHuHnutn/1QbnWrwgwCYgerKgFTI:SmtdC6ftqoAFpuzNHuHut/EnIx0KMTI

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      e7753b6d1cf9b7430d692173edecc628923d116d4da9070ad6afecd7e1e40b73

    • Size

      425KB

    • MD5

      b95cc443a27173e35e28954ce36a5f8a

    • SHA1

      0a98b96a2989ff7772328573224dbf6aef83da1a

    • SHA256

      e7753b6d1cf9b7430d692173edecc628923d116d4da9070ad6afecd7e1e40b73

    • SHA512

      3b5fcc86286eb6ac298031ebec3a3dba3f258159b98ca65b4fc4ed3a97f41b9c03aad529909fe74bc0bfdc75f1bb16bdf9772f7908a5fc4fa7708c86cdb929e3

    • SSDEEP

      6144:SmcqdC6dZtqoARHXpe1qd6NHuHnutn/1QbnWrwgwCYgerKgFTI:SmtdC6ftqoAFpuzNHuHut/EnIx0KMTI

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles
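
The hashes and the C2 URL in this report are its actionable indicators. The Python script below is an added example, not part of the report or of the sandbox's own tooling: it hashes a candidate file with the same four algorithms and compares the digests against the report, and it scans proxy log lines for contact with the C2 host, matching on the parsed hostname rather than on a substring so that a lookalike host such as 179.43.142.201.cdn.example does not trigger. The log layout (timestamp, client IP, method, URL, status) and the log lines themselves are constructed for the example and are not taken from the report; SSDEEP comparison is left out because it needs the third-party ssdeep library. File hashes only catch this exact build, so in practice the C2 host and the Outlook-profile access behaviour are the more durable hooks.

```python
import hashlib
from typing import Dict, List
from urllib.parse import urlparse

# Indicators copied from the sandbox report above.
REPORT_HASHES: Dict[str, str] = {
    "md5": "b95cc443a27173e35e28954ce36a5f8a",
    "sha1": "0a98b96a2989ff7772328573224dbf6aef83da1a",
    "sha256": "e7753b6d1cf9b7430d692173edecc628923d116d4da9070ad6afecd7e1e40b73",
    "sha512": (
        "3b5fcc86286eb6ac298031ebec3a3dba3f258159b98ca65b4fc4ed3a97f41b9c"
        "03aad529909fe74bc0bfdc75f1bb16bdf9772f7908a5fc4fa7708c86cdb929e3"
    ),
}
C2_URL = "http://179.43.142.201/img/favicon.png"

# Constructed proxy log in a simple "timestamp client method url status"
# layout. These lines are made up for the example; only the C2 URL is real.
SAMPLE_PROXY_LOG = """\
1681977601.120 10.0.0.5 GET http://www.example.com/index.html 200
1681977602.331 10.0.0.7 GET http://179.43.142.201/img/favicon.png 200
1681977603.004 10.0.0.7 GET http://179.43.142.201/img/other.png 404
1681977604.555 10.0.0.9 GET http://179.43.142.201.cdn.example/img/favicon.png 200
"""


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the four digests the report lists, keyed by algorithm name."""
    return {
        name: hashlib.new(name, data).hexdigest()
        for name in ("md5", "sha1", "sha256", "sha512")
    }


def compare_hashes(data: bytes,
                   expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm match of a candidate file against the report's digests.

    All four should agree. A partial match points at a transcription error in
    the report or in `expected`, not at a related sample.
    """
    actual = hash_bytes(data)
    return {
        name: actual[name] == expected[name].lower()
        for name in expected if name in actual
    }


def find_c2_hits(log_text: str, c2_url: str = C2_URL) -> List[Dict[str, object]]:
    """Return proxy requests whose destination host is the C2 host.

    Matching is on the parsed hostname, not on a substring of the line, so a
    lookalike such as 179.43.142.201.cdn.example is not reported. Requests for
    the exact C2 path are flagged separately from other paths on that host.
    """
    c2 = urlparse(c2_url)
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed or truncated line
        _ts, client, _method, url, _status = fields[:5]
        req = urlparse(url)
        if req.hostname != c2.hostname:
            continue
        hits.append({
            "client": client,
            "url": url,
            "exact_c2_path": req.path == c2.path,
        })
    return hits


if __name__ == "__main__":
    import sys
    # Usage: python check_ioc.py [candidate_file]
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            for algo, ok in compare_hashes(fh.read()).items():
                print(f"{algo}: {'match' if ok else 'MISMATCH'}")
    for hit in find_c2_hits(SAMPLE_PROXY_LOG):
        print(hit)
```

Run it with the sample path as the first argument to confirm the file on disk is the one the report describes; without an argument it only scans the constructed log, reporting the two requests from 10.0.0.7 and ignoring the lookalike host.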

MITRE ATT&CK Enterprise v6

Tasks