Overview

overview

10

Static

static

1

setup.exe

windows7-x64

10

setup.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    setup.exe

  • Size

    298KB

  • Sample

    230424-aq7kqaad5w

  • MD5

    f94041cd7a8c14d02d07a7ab26c28c26

  • SHA1

    a54b040fe8734abaac0a721401f0c56d810b477a

  • SHA256

    4f4f6ba8137d0c529cc928b0c77f8a09b8a296d553de6312ca3e4edcd08f3391

  • SHA512

    7c55bc07433fcda384624a400ffc5b05848eff8758421ef7cfd5eca15232cccc6aec4ff57411c98dcd6b79583e556f51c9fd745f525fc79f84b3dde638cbdf1e

  • SSDEEP

    6144:GUhVOpWmHieie9ZzlWqU254G1lCBhyOz:8pLi+ZBWnhgO

Score
10/10
rhadamanthyscollectionstealer

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    • Target

      setup.exe

    • Size

      298KB

    • MD5

      f94041cd7a8c14d02d07a7ab26c28c26

    • SHA1

      a54b040fe8734abaac0a721401f0c56d810b477a

    • SHA256

      4f4f6ba8137d0c529cc928b0c77f8a09b8a296d553de6312ca3e4edcd08f3391

    • SHA512

      7c55bc07433fcda384624a400ffc5b05848eff8758421ef7cfd5eca15232cccc6aec4ff57411c98dcd6b79583e556f51c9fd745f525fc79f84b3dde638cbdf1e

    • SSDEEP

      6144:GUhVOpWmHieie9ZzlWqU254G1lCBhyOz:8pLi+ZBWnhgO

    Score
    10/10
    rhadamanthyscollectionstealer

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

      stealerrhadamanthys

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks