General

  • Target

    2025-03-29_f923bb67ccdf3cd40c1775e7a42f4c08_amadey_cobalt-strike_smoke-loader

  • Size

    157KB

  • Sample

    250329-s87mjswyaz

  • MD5

    f923bb67ccdf3cd40c1775e7a42f4c08

  • SHA1

    e9eea5da9774d3ad3a363761e1c3a9e6a5b73cee

  • SHA256

    bf6f92991a86b9aa3c4dd012c8b2ea0a06d6119701fc7ad5f5abc6f4012d910d

  • SHA512

    66eaf9068f7dd9c66d2997c4e3117d9f3066fba735759a661448e657c37595eb54ddf3ce35102747a75ba9b79d26149944bc3df2bddf7d920ac117e96c9fadeb

  • SSDEEP

    3072:6UdgcEHrQwndKbYshLpvlh6KG63BhpzL+JuaeoVAkOhS5pi3oerU7:6VZrFd2TD6UhUJryHoO4aU7

Malware Config

Targets

    • Detect Poverty Stealer Payload

    • Poverty Stealer

      Poverty Stealer is a crypto and infostealer written in C++.

    • Povertystealer family

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks