General
-
Target
2025-03-30_627bff73b072ecc872edc7aa2572dfb2_amadey_rhadamanthys_smoke-loader
-
Size
7.8MB
-
Sample
250330-tn86bastcx
-
MD5
627bff73b072ecc872edc7aa2572dfb2
-
SHA1
8cc229ae419780ca37fd28087e959a9f4574840a
-
SHA256
0d715978543633d8b2eb9661c08c2c93f039418eb0754985c6a89e120270d114
-
SHA512
0929a1cf0a64aa4458d1ffa1abcb9b8167ce0b48ae44c56647ba9329eefc176df025667a2280132d8912167e386ce8a8ab208ca59295885980721c6b7f95827e
-
SSDEEP
98304:HoqTB3Yle8vH5+pO5xLAqI+lBqyZyaUCQcyaEoA2M4dwqtTysyXVS4bGpCYP7T4X:f4eDpO7L6eQygaLpCYP71Hy9
Malware Config
Targets
-
-
Target
2025-03-30_627bff73b072ecc872edc7aa2572dfb2_amadey_rhadamanthys_smoke-loader
-
Size
7.8MB
-
MD5
627bff73b072ecc872edc7aa2572dfb2
-
SHA1
8cc229ae419780ca37fd28087e959a9f4574840a
-
SHA256
0d715978543633d8b2eb9661c08c2c93f039418eb0754985c6a89e120270d114
-
SHA512
0929a1cf0a64aa4458d1ffa1abcb9b8167ce0b48ae44c56647ba9329eefc176df025667a2280132d8912167e386ce8a8ab208ca59295885980721c6b7f95827e
-
SSDEEP
98304:HoqTB3Yle8vH5+pO5xLAqI+lBqyZyaUCQcyaEoA2M4dwqtTysyXVS4bGpCYP7T4X:f4eDpO7L6eQygaLpCYP71Hy9
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Network Service Discovery
Attempt to gather information on host's network.
-
Network Share Discovery
Attempt to gather information on host network.
-
Drops file in System32 directory
-
Enumerates processes with tasklist
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Discovery
Network Service Discovery
1Network Share Discovery
1Process Discovery
1Query Registry
2Remote System Discovery
1System Information Discovery
4System Location Discovery
1System Language Discovery
1System Network Configuration Discovery
1Internet Connection Discovery
1System Network Connections Discovery
1