General

  • Target

    2025-07-01_c0c98834f7de2ead6f19e10e92e45b11_amadey_coinminer_darkgate_elex_hijackloader_rhadamanthys_smoke-loader_stop

  • Size

    5.2MB

  • Sample

    250701-j7bdaagm31

  • MD5

    c0c98834f7de2ead6f19e10e92e45b11

  • SHA1

    9127e6e4a2b01dc8025abf45a2ce7454e26c7d0d

  • SHA256

    5de235cd2f4e144992748acd6cd771c64f5d8fc32614572aa8c44fb30b905ebc

  • SHA512

    e495b527a5cd083470338069fdf4cc266cfa8e47d31233d2c19a3800739ab420fda7ed21f09ab7fbbce2b8fd269b18c9f749f03bc32338104c0903c4b36954d8

  • SSDEEP

    98304:gTvggVssYOXwnS4rVGpYOXwnS4rVkzp9/j/tpA4gBWGabdL:aY4sBI0IZFl

Malware Config

Targets

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks