b1205d6996c5cb123d01241347f13a515cd98ad52ee8f675b816c93d29428260 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2025-07-06_69b9a08b84cbe9862715c87a8ed60df9_amadey_elex_rhadamanthys_smoke-loader
Size

71KB
Sample

250706-f79pasar2s
MD5

69b9a08b84cbe9862715c87a8ed60df9
SHA1

f35539b25f786a1f3fd1b79b0038079257eae636
SHA256

b1205d6996c5cb123d01241347f13a515cd98ad52ee8f675b816c93d29428260
SHA512

b51458ccb3835936b6a2e6532e0c6812cdfbb04e7ab410b200bb2e3eedc3e9badc47012e26f1d677017a605a7beddcc2900cf70c986a1629abaeb0298ce585fa
SSDEEP

1536:1DCFitszeGOsk8sne5u3SRtLsUEu5bc3TfaCQ0wN2o:1DCoszVO1n+cShrmpWV

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2025-07-06_69b9a08b84cbe9862715c87a8ed60df9_amadey_elex_rhadamanthys_smoke-loader
- Size
  
  71KB
- MD5
  
  69b9a08b84cbe9862715c87a8ed60df9
- SHA1
  
  f35539b25f786a1f3fd1b79b0038079257eae636
- SHA256
  
  b1205d6996c5cb123d01241347f13a515cd98ad52ee8f675b816c93d29428260
- SHA512
  
  b51458ccb3835936b6a2e6532e0c6812cdfbb04e7ab410b200bb2e3eedc3e9badc47012e26f1d677017a605a7beddcc2900cf70c986a1629abaeb0298ce585fa
- SSDEEP
  
  1536:1DCFitszeGOsk8sne5u3SRtLsUEu5bc3TfaCQ0wN2o:1DCoszVO1n+cShrmpWV
Score

7^/10

discovery
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1