8e17c22fd68880e919e5d25d0b6f8a6b4770c2d978595f721cbed118d78c16a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2025-06-10_f13e6e1367caf2b1492aa891a8610965_amadey_elex_gcleaner_smoke-loader_stop
Size

1.6MB
Sample

250610-v5vvpahq21
MD5

f13e6e1367caf2b1492aa891a8610965
SHA1

cc2ea3d4ccddfbe95a096aaf2dbaf41304a40d39
SHA256

8e17c22fd68880e919e5d25d0b6f8a6b4770c2d978595f721cbed118d78c16a0
SHA512

70a7dfbd4d4db48def7a3a53fef0b32f5659aeec9844821262161b43679a245544f2d1bc223da848e5b98ccd8a224ba2d646cee36bfb8fb16c652f2967cfa17f
SSDEEP

24576:1SDvn38bxsd6SWPAc9sFAQFvTTSB3k0tyikgNFtfFW+YTKK:1SzMbNSW4GsFAQtGB3kOyufFW+YTKK

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2025-06-10_f13e6e1367caf2b1492aa891a8610965_amadey_elex_gcleaner_smoke-loader_stop
- Size
  
  1.6MB
- MD5
  
  f13e6e1367caf2b1492aa891a8610965
- SHA1
  
  cc2ea3d4ccddfbe95a096aaf2dbaf41304a40d39
- SHA256
  
  8e17c22fd68880e919e5d25d0b6f8a6b4770c2d978595f721cbed118d78c16a0
- SHA512
  
  70a7dfbd4d4db48def7a3a53fef0b32f5659aeec9844821262161b43679a245544f2d1bc223da848e5b98ccd8a224ba2d646cee36bfb8fb16c652f2967cfa17f
- SSDEEP
  
  24576:1SDvn38bxsd6SWPAc9sFAQFvTTSB3k0tyikgNFtfFW+YTKK:1SzMbNSW4GsFAQtGB3kOyufFW+YTKK
Score

7^/10

discovery
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1