General
Target: 2025-07-02_b0c4524b5de254538012056bcb6d1e91_amadey_cryptolocker_elex_mafia_rhadamanthys_smoke-loader_stealc_stop_tofsee
Size: 2.7MB
Sample: 250702-xfyw6ahr5t
MD5: b0c4524b5de254538012056bcb6d1e91
SHA1: 084b5c181c64bc32073f6482ab38fa2b411fc88c
SHA256: 5c8ed13a53fca08bc2396945c598b41f0eceb0e927222214a097b9d3fdc414a7
SHA512: dfe9be04363832e2f1f0dc6377f969e431ddb698d5b519fe85d489448c90cc77804eed11a9de804302c6e5f32bffbfb4648bfd2ec67595ddfee28a2888164be5
SSDEEP: 49152:KHHKO29QG56/OJdJCXDrsOFZMjHfUTGkQy5QZuTtS0rQMYOF:KnKdVkOhCXHHFZMjHfUKkVWsM0r1F
Static task: static1
Behavioral task: behavioral1
Sample: 2025-07-02_b0c4524b5de254538012056bcb6d1e91_amadey_cryptolocker_elex_mafia_rhadamanthys_smoke-loader_stealc_stop_tofsee.exe
Resource: win10v2004-20250610-en
Malware Config
Targets
Target: 2025-07-02_b0c4524b5de254538012056bcb6d1e91_amadey_cryptolocker_elex_mafia_rhadamanthys_smoke-loader_stealc_stop_tofsee
Score: 7/10
Executes dropped EXE
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops file in System32 directory