General

  • Target

    b97ac133de8b90eb8b58e25f5b7fd9cca8d7be6fac221de6374a770ce43a57a4

  • Size

    425KB

  • Sample

    230420-rvvkdscd4v

  • MD5

    402aa014df8f301c9280762e74ae9fc9

  • SHA1

    793f54833a42a188a327c98142b75b35dbadd09a

  • SHA256

    b97ac133de8b90eb8b58e25f5b7fd9cca8d7be6fac221de6374a770ce43a57a4

  • SHA512

    e7ff370a8c4e29e5a045492d5aa525df7b0cdf9aa8a4ef0a357d9f544ac0223549a9941712846a6726986156b0f0df140d7eac77091553a700428312ce05c47c

  • SSDEEP

    6144:okzB+wcgRQ3UcnQ92wZZYNCG6i6dbx5zQUrQ1HzGiE5zT56K:fzoTgS3UcnK28YkG6iEbvLkloFT5Z

Malware Config

Extracted

  • Family

    rhadamanthys

  • C2

    http://179.43.142.201/img/favicon.png

Targets

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks