General

  • Target

    2025-07-02_b0c4524b5de254538012056bcb6d1e91_amadey_cryptolocker_elex_mafia_rhadamanthys_smoke-loader_stealc_stop_tofsee

  • Size

    2.7MB

  • Sample

    250702-xfyw6ahr5t

  • MD5

    b0c4524b5de254538012056bcb6d1e91

  • SHA1

    084b5c181c64bc32073f6482ab38fa2b411fc88c

  • SHA256

    5c8ed13a53fca08bc2396945c598b41f0eceb0e927222214a097b9d3fdc414a7

  • SHA512

    dfe9be04363832e2f1f0dc6377f969e431ddb698d5b519fe85d489448c90cc77804eed11a9de804302c6e5f32bffbfb4648bfd2ec67595ddfee28a2888164be5

  • SSDEEP

    49152:KHHKO29QG56/OJdJCXDrsOFZMjHfUTGkQy5QZuTtS0rQMYOF:KnKdVkOhCXHHFZMjHfUKkVWsM0r1F

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks