General
Target: 2025-07-04_1b7c8b468e2fa712ceb0ee5bf4ed1e51_amadey_elex_rhadamanthys_smoke-loader_stealc_stop_tofsee
Size: 1.7MB
Sample: 250704-pt66patlv6
MD5: 1b7c8b468e2fa712ceb0ee5bf4ed1e51
SHA1: 3e2def4ab23597b44531df491be1fb91ace31e05
SHA256: 57cb870ed0574903c6bffdc1fae2a2506c71a7f8830090700bfd6f752bb12750
SHA512: 60836a44b4d1e8ba9cfb4c4b873207d8eee5d3e3fd521e934c8f53fb4dd2b626e0410cc6cbd532191fe70c6408bf5b48120ceddaaa3fe1246c73f4ef92a5224a
SSDEEP: 49152:5B19SFzur/bc6/nRJ/aOheDkPQcKiwMH5yUKc5thLfrXa7sjybqS9pErw2/6pBLl:5B19ZbMG4hsYQHz0Dt

Static task: static1
Behavioral task: behavioral1
Sample: 2025-07-04_1b7c8b468e2fa712ceb0ee5bf4ed1e51_amadey_elex_rhadamanthys_smoke-loader_stealc_stop_tofsee.exe
Resource: win10v2004-20250619-en
Malware Config
Targets
Target: 2025-07-04_1b7c8b468e2fa712ceb0ee5bf4ed1e51_amadey_elex_rhadamanthys_smoke-loader_stealc_stop_tofsee
Signatures
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence (a locale-based decision on whether, or how, to run).
- Executes dropped EXE
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
- Drops Chrome extension
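The two registry checks above are reads, which Sysmon does not record, so reproducing them outside the sandbox means a tool that logs registry queries, such as a Process Monitor CSV export. The script below is an added example for this report, not sandbox output or code from the sample: it groups registry reads by process, flags a country-code (GeoID) lookup, and flags a sweep of several product subkeys under the Uninstall key while ignoring the single Uninstall read a benign process often makes. The registry paths it looks for (HKCU\Control Panel\International\Geo\Nation and ...\CurrentVersion\Uninstall) are the usual locations for these checks and are assumptions, as is the embedded Procmon export, which is constructed.

```python
"""Registry-check triage over a Process Monitor CSV export (added example,
not sandbox output). The registry locations below are assumptions about
where these checks usually land, not paths stated in the report."""
import csv
import io
from collections import defaultdict

# Assumed: the per-user country code (GeoID) is read from HKCU\Control Panel\International\Geo.
GEO_VALUE_SUFFIXES = (r"\control panel\international\geo\nation",
                      r"\control panel\international\geo\name")
# Assumed: installed software is enumerated from the Add/Remove Programs registration keys.
UNINSTALL_MARKER = r"\microsoft\windows\currentversion\uninstall"

# Constructed Procmon export (File > Save, CSV), filtered to registry operations.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample.exe","4120","RegOpenKey","HKCU\Control Panel\International\Geo","SUCCESS","Desired Access: Read"
"10:01:02.2","sample.exe","4120","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:01:02.3","sample.exe","4120","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"
"10:01:02.4","sample.exe","4120","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: 7-Zip"
"10:01:02.5","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ, Length: 24, Data: 7-Zip 24.08 (x64)"
"10:01:02.6","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName","SUCCESS","Type: REG_SZ, Length: 28, Data: Google Chrome"
"10:01:02.7","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 128.0 (x64 en-US)\DisplayName","SUCCESS","Type: REG_SZ, Length: 70, Data: Mozilla Firefox (x64 en-US)"
"10:01:03.0","explorer.exe","1234","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden","SUCCESS","Type: REG_DWORD, Length: 4, Data: 2"
"10:01:03.1","svchost.exe","980","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB5001\InstallDate","SUCCESS","Type: REG_SZ, Length: 18, Data: 20250601"
"10:01:03.2","sample.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\InstallLocation","NAME NOT FOUND",""
'''


def _detail_field(detail, field):
    """Pull 'field: value' out of a Procmon Detail column such as 'Type: REG_SZ, Length: 8, Data: 244'."""
    for part in detail.split(", "):
        if part.startswith(field + ": "):
            return part[len(field) + 2:]
    return None


def _uninstall_subkey(operation, path, detail):
    """Return the product subkey touched under ...\\Uninstall, or None.

    A value read names the subkey in the path; RegEnumKey on the parent key
    names it in the Detail column instead."""
    idx = path.lower().find(UNINSTALL_MARKER)
    if idx == -1:
        return None
    rest = path[idx + len(UNINSTALL_MARKER):]        # "\7-Zip\DisplayName" or ""
    if rest.startswith("\\"):
        return rest[1:].split("\\", 1)[0] or None
    if operation == "RegEnumKey":
        return _detail_field(detail, "Name")
    return None


def analyze(csv_text):
    """Group successful registry reads by process:PID and collect evidence of both checks."""
    evidence = defaultdict(lambda: {"geo_ids": [], "uninstall_subkeys": set()})
    for row in csv.DictReader(io.StringIO(csv_text)):
        op = row["Operation"]
        if not op.startswith("Reg") or row["Result"] != "SUCCESS":
            continue
        proc = f'{row["Process Name"]}:{row["PID"]}'
        if op == "RegQueryValue" and row["Path"].lower().endswith(GEO_VALUE_SUFFIXES):
            evidence[proc]["geo_ids"].append(_detail_field(row["Detail"], "Data"))
        subkey = _uninstall_subkey(op, row["Path"], row["Detail"])
        if subkey:
            evidence[proc]["uninstall_subkeys"].add(subkey)
    return evidence


def verdicts(evidence, min_products=3):
    """Name the behaviours each process showed; one Uninstall read is routine, a sweep is not."""
    out = {}
    for proc, ev in evidence.items():
        hits = []
        if ev["geo_ids"]:
            hits.append("geofence-lookup")
        if len(ev["uninstall_subkeys"]) >= min_products:
            hits.append("software-enumeration")
        if hits:
            out[proc] = hits
    return out


if __name__ == "__main__":
    for proc, hits in verdicts(analyze(SAMPLE_CSV)).items():
        print(proc, ", ".join(hits))
```

Run against a real export, the `min_products` threshold is the knob to tune: installers and update agents legitimately read one or two Uninstall entries, while an enumerating sample walks the whole key. The GeoID returned (244 in the constructed trace) is what a geofenced sample compares against its blocklist.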
MITRE ATT&CK Enterprise v16
Defense Evasion
- Modify Registry (T1112): 3
- Subvert Trust Controls (T1553): 1
- Install Root Certificate (T1553.004): 1
Credential Access
- Credentials from Password Stores (T1555): 1
- Credentials from Web Browsers (T1555.003): 1
- Unsecured Credentials (T1552): 1
- Credentials In Files (T1552.001): 1