General
- Target: 2025-07-04_13c05b9e8d135871bbbc373182384621_cosmicduke_elex_gcleaner_rhadamanthys_smoke-loader
- Size: 2.2MB
- Sample: 250704-t983fawtfx
- MD5: 13c05b9e8d135871bbbc373182384621
- SHA1: ce277b5b1e033ab5c78c98301e5e2997ce0ebc14
- SHA256: ab2fe427691499dc5eaa538e82fafd767b27c3f36a3a507a44eb459015b2deca
- SHA512: e7ffab5d6934ae8b66362634748393dd167427a0fb02ad48a7e87f3503223a5eabcecd3c0ce49314b5ca32699f93530580c81eb5b5fa7de56b45c8708e661d13
- SSDEEP: 24576:yVUUI6D3RSCG0KJjf+2dkeS1vicLob4o5ueo7p1OYWuGdffYGhOnAA6:0M6zYv5roKBb4ocn7ppIrhMz6
Static task: static1
Behavioral task: behavioral1
- Sample: 2025-07-04_13c05b9e8d135871bbbc373182384621_cosmicduke_elex_gcleaner_rhadamanthys_smoke-loader.exe
- Resource: win10v2004-20250610-en
Behavioral task: behavioral2
- Sample: 2025-07-04_13c05b9e8d135871bbbc373182384621_cosmicduke_elex_gcleaner_rhadamanthys_smoke-loader.exe
- Resource: win11-20250610-en
Malware Config
Targets
- Target: 2025-07-04_13c05b9e8d135871bbbc373182384621_cosmicduke_elex_gcleaner_rhadamanthys_smoke-loader
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
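The behaviour signatures above describe what the sample did on the sandbox host. The following is an added example, not part of this sandbox report and not the sandbox's own detection logic: it turns each listed behaviour into a check over constructed Sysmon-style registry, file and process events for one process tree, so the same behaviours can be looked for in telemetry from a suspected host. The event field names, the registry paths each rule matches, the two-event correlation used for "Executes dropped EXE" and the sample events are all assumptions of the example.

```python
"""Check process telemetry for the behaviours listed in this report."""
import re
from collections import defaultdict

# One rule per behaviour from the report: the event kind it applies to, the
# operations that count (None = any) and a pattern over the event target.
# The registry paths and path shapes are assumptions about how each
# behaviour shows up in Sysmon-style telemetry, not the sandbox's own rules.
RULES = {
    "Checks installed software on the system": (
        "registry", None,
        re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.I)),
    "Accesses Microsoft Outlook profiles": (
        "registry", None,
        re.compile(r"\\Microsoft\\Office\\\d+\.\d+\\Outlook\\Profiles(\\|$)", re.I)),
    "Drops file in System32 directory": (
        "file", {"Create"},
        re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)),
    "Enumerates connected drives": (
        "file", {"Open", "QueryDirectory"},
        re.compile(r"^[A-BD-Z]:\\$", re.I)),  # root of any drive other than C:
}


def triage(events):
    """Return {behaviour name: [evidence strings]} for the events that match.

    Events are dicts with pid, type (registry/file/process), op and target;
    this shape is an assumption of the example.
    """
    hits = defaultdict(list)
    dropped = set()  # paths written by the monitored processes, lower-cased
    for ev in events:
        kind, op, target = ev["type"], ev["op"], ev["target"]
        if kind == "file" and op == "Create":
            dropped.add(target.lower())
        # "Executes dropped EXE" needs two events in order: a file write,
        # then a process start whose image is the path just written.
        if kind == "process" and op == "Create" and target.lower() in dropped:
            hits["Executes dropped EXE"].append(f"pid {ev['pid']} launched {target}")
        for name, (rule_kind, ops, pattern) in RULES.items():
            if kind == rule_kind and (ops is None or op in ops) and pattern.search(target):
                hits[name].append(f"pid {ev['pid']} {op} {target}")
    return dict(hits)


# Constructed events for one process tree (pid 4112 and its child 5200);
# they are made up to exercise every rule, not taken from the report.
SAMPLE_EVENTS = [
    {"pid": 4112, "type": "registry", "op": "QueryKey",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"pid": 4112, "type": "registry", "op": "QueryValue",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName"},
    {"pid": 4112, "type": "registry", "op": "QueryKey",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"},  # benign, matches no rule
    {"pid": 4112, "type": "registry", "op": "QueryKey",
     "target": r"HKU\S-1-5-21-1004336348-1177238915-682003330-1001\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook"},
    {"pid": 4112, "type": "file", "op": "Open", "target": "C:\\"},  # C: root is excluded by the rule
    {"pid": 4112, "type": "file", "op": "Open", "target": "D:\\"},
    {"pid": 4112, "type": "file", "op": "Open", "target": "E:\\"},
    {"pid": 4112, "type": "file", "op": "Create",
     "target": r"C:\Windows\System32\wupdate.dll"},
    {"pid": 4112, "type": "file", "op": "Create",
     "target": r"C:\Users\admin\AppData\Local\Temp\stage2.exe"},
    {"pid": 5200, "type": "process", "op": "Create",
     "target": r"C:\Users\admin\AppData\Local\Temp\stage2.exe"},
]


if __name__ == "__main__":
    for name, evidence in sorted(triage(SAMPLE_EVENTS).items()):
        print(name)
        for line in evidence:
            print("   ", line)
```

The "Executes dropped EXE" check is the one that cannot be expressed as a single-event pattern: it only fires when a process start refers to a path that an earlier file-create event in the same telemetry wrote, which is why the function keeps the set of dropped paths across events and why event order matters when feeding it real logs.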
MITRE ATT&CK Enterprise v16
Credential Access (technique: number of matching signatures)
- Credentials from Password Stores (T1555): 1
  - Credentials from Web Browsers (T1555.003): 1
- Unsecured Credentials (T1552): 1
  - Credentials In Files (T1552.001): 1