91494dcc1ec08ee5c7b79dd1a76b293030c5136b0712d4c1ceead73b764de4d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2025-06-10_ca56b09d9a1cd4f364aefc6969ffdbae_amadey_elex_rhadamanthys_smoke-loader
Size

69KB
Sample

250610-v4sc6sywfy
MD5

ca56b09d9a1cd4f364aefc6969ffdbae
SHA1

6976544963b32ba41143202b12ca3bad71f9cf3d
SHA256

91494dcc1ec08ee5c7b79dd1a76b293030c5136b0712d4c1ceead73b764de4d9
SHA512

61935fe034dbafe1ffbfbb9819ec0807688df9ab354daf9b2e7a6b21db532c55a7c00b71da93d5b571f70f5cf4b2a4cd736da444d0873c6ce12bb378f4c4ab51
SSDEEP

1536:1DCFitszeGOsk8sne5u3SRtLsUEu5bc3TfaCQ0wNu+F:1DCoszVO1n+cShrmpWd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2025-06-10_ca56b09d9a1cd4f364aefc6969ffdbae_amadey_elex_rhadamanthys_smoke-loader
- Size
  
  69KB
- MD5
  
  ca56b09d9a1cd4f364aefc6969ffdbae
- SHA1
  
  6976544963b32ba41143202b12ca3bad71f9cf3d
- SHA256
  
  91494dcc1ec08ee5c7b79dd1a76b293030c5136b0712d4c1ceead73b764de4d9
- SHA512
  
  61935fe034dbafe1ffbfbb9819ec0807688df9ab354daf9b2e7a6b21db532c55a7c00b71da93d5b571f70f5cf4b2a4cd736da444d0873c6ce12bb378f4c4ab51
- SSDEEP
  
  1536:1DCFitszeGOsk8sne5u3SRtLsUEu5bc3TfaCQ0wNu+F:1DCoszVO1n+cShrmpWd
Score

7^/10

discovery
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2