42cdd97b333d36f2b18ec2bd5633012aa386dbc6a1d0b1f8b814ad1068e5f55a | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2025-03-30...er.exe

windows7-x64

7

2025-03-30...er.exe

windows10-2004-x64

7

Sharing

General

Target

2025-03-30_222f7516c7424f05fd0cbbcbdf25cd0b_amadey_rhadamanthys_smoke-loader
Size

5.5MB
Sample

250330-tmbtessshy
MD5

222f7516c7424f05fd0cbbcbdf25cd0b
SHA1

1c0de6486a859d7fc373e294bc893187bf6226d3
SHA256

42cdd97b333d36f2b18ec2bd5633012aa386dbc6a1d0b1f8b814ad1068e5f55a
SHA512

5934f6552b2dc6b1658e0f46b586e25ec744e0a29d63ad124fe1b558f21821270489d97225ec22a0b21c795f291f870e26da68b792c4eee90076b7f9a34c7143
SSDEEP

98304:IGoqTB3ovZVtMnYhWYJgJheWRsFn0iydrEXvZG:Iqg/MYkYOJhjRsF0i+oxG

Score

7^/10

discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2025-03-30_222f7516c7424f05fd0cbbcbdf25cd0b_amadey_rhadamanthys_smoke-loader.exe

Resource

win7-20240903-en

windows7-x64

24 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-03-30_222f7516c7424f05fd0cbbcbdf25cd0b_amadey_rhadamanthys_smoke-loader.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-03-30_222f7516c7424f05fd0cbbcbdf25cd0b_amadey_rhadamanthys_smoke-loader
- Size
  
  5.5MB
- MD5
  
  222f7516c7424f05fd0cbbcbdf25cd0b
- SHA1
  
  1c0de6486a859d7fc373e294bc893187bf6226d3
- SHA256
  
  42cdd97b333d36f2b18ec2bd5633012aa386dbc6a1d0b1f8b814ad1068e5f55a
- SHA512
  
  5934f6552b2dc6b1658e0f46b586e25ec744e0a29d63ad124fe1b558f21821270489d97225ec22a0b21c795f291f870e26da68b792c4eee90076b7f9a34c7143
- SSDEEP
  
  98304:IGoqTB3ovZVtMnYhWYJgJheWRsFn0iydrEXvZG:Iqg/MYkYOJhjRsF0i+oxG
Score

7^/10

discovery upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Network Share Discovery

Process Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy