General

  • Target

    setup.exe

  • Size

    365KB

  • Sample

    230510-ay3azade48

  • MD5

    171e8b37bd1bca4c109c329e5f27c0d7

  • SHA1

    0fe2a508f9d9f1decac23912b8eb18c89ba5b4dc

  • SHA256

    a481d0f71f3e020be9067340c91bd8a9472611cbff06571cf5084085b1ffa570

  • SHA512

    bfa7c580ccb18dad07b5d1ec056cf118e0bab57037e2f5cb5da0ce05486e0a7962461ebdb4f685dd66890ec6792951f7444f108817c40aed794fe3523a4b6383

  • SSDEEP

    6144:JzQjSjs7fz2btDNCae1SpxTvVG/HAZXuA0zzYK:1wQs7fQTJEPsK

Score
10/10

Malware Config

Extracted

Family

rhadamanthys

C2

http://179.43.142.201/img/favicon.png

Targets

    Score
    10/10

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

MITRE ATT&CK Matrix

Tasks