General

  • Target

    2025-07-02_b2c8a76af2f9a506a339c10d2862d005_amadey_elex_rhadamanthys_smoke-loader_stop

  • Size

    299KB

  • Sample

    250702-xf9nnazrz2

  • MD5

    b2c8a76af2f9a506a339c10d2862d005

  • SHA1

    8fc4a5eb0a359be9c66c57f40d0a67dcfdedab10

  • SHA256

    ccad5ffdb0b2fd9f8f42f700fc2a657cd9511e34b41525d0b631d3c4d4888ac9

  • SHA512

    d9158e8f239bdbc54cfc405a6c2bc16c55be02e60f87d551f36756ae1e4a18c6f789b5c565c5a21e1772f1ca3859c14c91a7f067a3962d049a07473c35a4b9e9

  • SSDEEP

    6144:L+k5XLaJbcplKJmxOYO3rLPFE2NJOdK/wmU:t+JbMJqfFE27P9U

Malware Config

Targets

    • Target

      2025-07-02_b2c8a76af2f9a506a339c10d2862d005_amadey_elex_rhadamanthys_smoke-loader_stop

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v16

Tasks