General

  • Target

    2a7f39094ded73526d8a5fd861e8d245269bb0f4b64dd478be4c65f3b1847938

  • Size

    160KB

  • Sample

    230114-v6qblabb53

  • MD5

    1135c1cbd5ee28e2a5ad3b44707f7edf

  • SHA1

    cc482c3f773d3c7197296240cc95021c66629aa1

  • SHA256

    cd0317045e28ec4cc04a6c32e6d787c426c36e292c1750250ba9d1cceb7ca95c

  • SHA512

    7cc7b662f7bb39405e1a812e90892a73abe79ad6b527258728e346b179af104a8b31fdc501d8a1add21a1e825fbd1646c8f9cebbb051e33a3b56f4be0559ea7d

  • SSDEEP

    3072:mmJF9ujLXH+e+U0k8WGuB4a7fJKBhhlC6lpQik5kXRh0NcL3MHkI+jrNv:RujDH+HIBPKlC6lXkaXRaNcLmsNv

Malware Config

Targets

    • Target

      2a7f39094ded73526d8a5fd861e8d245269bb0f4b64dd478be4c65f3b1847938

    • Size

      259KB

    • MD5

      2246d288a2f7f556ffc3ce74be14d08f

    • SHA1

      801a14c7be596909f1a2443d9d244361cddc171f

    • SHA256

      2a7f39094ded73526d8a5fd861e8d245269bb0f4b64dd478be4c65f3b1847938

    • SHA512

      4f19fddbd1f7cc59b82bbc257edbbba176b41f189c72af027809926610806a929fc0398ed195d4abbd4d962875e731a41d8e6be2cc97d2187a3f5819d4fb06c6

    • SSDEEP

      3072:35XmD/Vm5QDFQB1onUKBhhlC6lpjxfjXapb8pBI8jwWRjoV:tusBU1lC6lLjqpgpRjFE

    • Detect rhadamanthys stealer shellcode

    • Detects Smokeloader packer

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++, first seen in August 2022.

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE
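The report lists two ssdeep values: one for the submitted file and one for the extracted target. Both use block size 3072 and their first chunks share the substring KBhhlC6lp, which is the condition ssdeep needs before it will report any similarity at all. The block below is an added example, not part of the report or of the sandbox that produced it: a Python re-implementation of ssdeep's comparison step (parse, collapse long runs, require a 7-character common substring, weighted edit distance, block-size pairing) run over the two hashes above. The constants and scoring steps follow my reading of libfuzzy's fuzzy_compare and are an assumption; treat the exact number as approximate and use the ssdeep tool itself when the score matters.

```python
ROLLING_WINDOW = 7      # ssdeep needs a 7-character common substring before scoring
SPAMSUM_LENGTH = 64     # nominal length of one ssdeep chunk
MIN_BLOCKSIZE = 3       # smallest block size ssdeep ever emits

# The two ssdeep values as they appear in the report above.
SUBMITTED_SSDEEP = ("3072:mmJF9ujLXH+e+U0k8WGuB4a7fJKBhhlC6lpQik5kXRh0NcL3MHkI+jrNv"
                    ":RujDH+HIBPKlC6lXkaXRaNcLmsNv")
TARGET_SSDEEP = ("3072:35XmD/Vm5QDFQB1onUKBhhlC6lpjxfjXapb8pBI8jwWRjoV"
                 ":tusBU1lC6lLjqpgpRjFE")


def parse_ssdeep(h):
    """Split 'blocksize:chunk1:chunk2[,filename]' into (int, str, str)."""
    block, chunk1, rest = h.split(":", 2)
    chunk2 = rest.split(",", 1)[0]       # drop an optional ",filename" suffix
    return int(block), chunk1, chunk2


def eliminate_sequences(s):
    """Collapse runs of one character to at most three, as libfuzzy does."""
    out = []
    for ch in s:
        if len(out) >= 3 and out[-1] == out[-2] == out[-3] == ch:
            continue
        out.append(ch)
    return "".join(out)


def has_common_substring(s1, s2):
    """True if the chunks share any ROLLING_WINDOW-length substring."""
    if len(s1) < ROLLING_WINDOW or len(s2) < ROLLING_WINDOW:
        return False
    grams = {s1[i:i + ROLLING_WINDOW] for i in range(len(s1) - ROLLING_WINDOW + 1)}
    return any(s2[i:i + ROLLING_WINDOW] in grams
               for i in range(len(s2) - ROLLING_WINDOW + 1))


def edit_distance(s1, s2):
    """Weighted edit distance: insert/delete cost 1, substitute cost 2."""
    prev = list(range(len(s2) + 1))
    for i, c1 in enumerate(s1, 1):
        cur = [i]
        for j, c2 in enumerate(s2, 1):
            sub = prev[j - 1] + (0 if c1 == c2 else 2)
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, sub))
        prev = cur
    return prev[-1]


def score_strings(s1, s2, block_size):
    """Score two chunks taken at the same block size on a 0..100 scale."""
    if len(s1) > SPAMSUM_LENGTH or len(s2) > SPAMSUM_LENGTH:
        return 0
    if not has_common_substring(s1, s2):
        return 0
    score = edit_distance(s1, s2)
    score = (score * SPAMSUM_LENGTH) // (len(s1) + len(s2))
    score = (100 * score) // SPAMSUM_LENGTH
    score = 100 - score
    # Small block sizes are capped so short inputs do not look more alike than they are.
    if block_size >= (99 + ROLLING_WINDOW) * MIN_BLOCKSIZE:
        return score
    return min(score, block_size // MIN_BLOCKSIZE * min(len(s1), len(s2)))


def compare(h1, h2):
    """ssdeep-style similarity of two hashes: 0 = unrelated, 100 = identical."""
    bs1, a1, b1 = parse_ssdeep(h1)
    bs2, a2, b2 = parse_ssdeep(h2)
    # Chunks are only comparable at equal block size, or when one is twice the other.
    if bs1 != bs2 and bs1 != bs2 * 2 and bs2 != bs1 * 2:
        return 0
    a1, b1, a2, b2 = map(eliminate_sequences, (a1, b1, a2, b2))
    if bs1 == bs2 and a1 == a2 and b1 == b2:
        return 100
    if bs1 == bs2:
        return max(score_strings(a1, a2, bs1), score_strings(b1, b2, bs1 * 2))
    if bs1 == bs2 * 2:
        return score_strings(a1, b2, bs1)
    return score_strings(b1, a2, bs2)


if __name__ == "__main__":
    print("submitted vs target:", compare(SUBMITTED_SSDEEP, TARGET_SSDEEP))
```

Only the first chunks of the two hashes share a 7-character window, so the score comes entirely from that comparison; the second chunks (computed at block size 6144) contribute 0. A non-zero score here says the extracted target and the submitted container have overlapping content, which is what you would expect when the target is carried inside the submitted file, but it does not by itself establish a family relationship.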

MITRE ATT&CK Enterprise v6

Tasks