General

  • Target

    Spongebob Ip Address Meme.mp4

  • Size

    366KB

  • Sample

    240209-pxvl3ach52

  • MD5

    5f6431493c3e1bb4d28badbfe33e2717

  • SHA1

    3e2a608093ef416e6992e07182547783739cda93

  • SHA256

    bb38d2c222f3b89421c324121bb1ea12fc3feb725bd27d4f8dce9bc757d87ddf

  • SHA512

    8014811e6a935ecb81354c78c31b29339757e2f144b8b063da9610188416dabd98cc4d40790775fef3a5966edc73925f270454b1f4e606a216d7745b5121a9a9

  • SSDEEP

    6144:CTz3HUP+7LlfVWxXuaQvQGBGdqAEvvN+Om3D73lI1sdI1CATXq1U2OEcjcP4Ijp:CTDUW7LlNWxehxBvl+O8D77vQq1U9jcJ

Score
10/10

Malware Config

Targets

    • Target

      Spongebob Ip Address Meme.mp4

    • Detect rhadamanthys stealer shellcode

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks