General

  • Target

    8b6a9244ace68ce7ce84e948ebc380274656a9562a0eb8ce368d97dd76256be2

  • Size

    425KB

  • Sample

    230420-qnby2aab43

  • MD5

    80c8a44241a006400b17b7a97cda84dc

  • SHA1

    9324bd55edd68303116144ef8313824f0af629e2

  • SHA256

    8b6a9244ace68ce7ce84e948ebc380274656a9562a0eb8ce368d97dd76256be2

  • SHA512

    b5414520ca2a782ae31ead540fbd7aa9bbe49d8e04f9b2da7652ea650984a44be980d71d749b0a9b10347e0f55520a59b6d568d8cb13c7f9789de7df15778040

  • SSDEEP

    6144:KEh9SctR71S31CCpjOghoyCo7/KtClABhlcaz7430wEvtb7VVhITLo:KEOcP721dj7oomhlcyME+T8

Malware Config

Extracted

  • Family

    rhadamanthys

  • C2

    http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6
