valleyrat_s2 | 3d292e3620f0f47b263394f55196f3366ac6fbf2668c6e86bc17e05c6e2d930a | Triage

Sharing

General

Target

2025-04-01_e64b5c42a0d76589a1898aaf468b3b38_amadey_karagany_rhadamanthys_smoke-loader
Size

108KB
Sample

250401-gfa74at1fy
MD5

e64b5c42a0d76589a1898aaf468b3b38
SHA1

fd8f2f236c86ada12eb0185b102ff935fe755547
SHA256

3d292e3620f0f47b263394f55196f3366ac6fbf2668c6e86bc17e05c6e2d930a
SHA512

edbd6bebd5d84d03f980c9d905006ad499b658a729a9f017547d79250e8061d22189e7cb3e6f8658f177beb216a71732d0c760eadb962f765c41369acce86efd
SSDEEP

3072:SbWjdIPbcia0NFtwwnILn3py6D268XEPK52:SbWjMbcCtwwnchx1y

Score

10^/10

valleyrat_s2 discovery

Malware Config

Extracted

Family

valleyrat_s2

Version

1.0

C2

43.136.124.75:6698

43.136.124.75:8895

43.136.124.75:80

Attributes

campaign_date
2024.10.29

Targets

- Target
  
  2025-04-01_e64b5c42a0d76589a1898aaf468b3b38_amadey_karagany_rhadamanthys_smoke-loader
- Size
  
  108KB
- MD5
  
  e64b5c42a0d76589a1898aaf468b3b38
- SHA1
  
  fd8f2f236c86ada12eb0185b102ff935fe755547
- SHA256
  
  3d292e3620f0f47b263394f55196f3366ac6fbf2668c6e86bc17e05c6e2d930a
- SHA512
  
  edbd6bebd5d84d03f980c9d905006ad499b658a729a9f017547d79250e8061d22189e7cb3e6f8658f177beb216a71732d0c760eadb962f765c41369acce86efd
- SSDEEP
  
  3072:SbWjdIPbcia0NFtwwnILn3py6D268XEPK52:SbWjMbcCtwwnchx1y
Score

3^/10

discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1