Overview

overview

7

Static

static

3

2025-07-06...op.exe

windows10-2004-x64

7

2025-07-06...op.exe

windows11-21h2-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    2025-07-06_5e8d30b41a022262e8f5ebf15938f754_amadey_elex_gcleaner_redline-stealer_rhadamanthys_smoke-loader_stop

  • Size

    80KB

  • Sample

    250706-f7qana1vgx

  • MD5

    5e8d30b41a022262e8f5ebf15938f754

  • SHA1

    d2ca64326b3bc5a1be53491d78a407a11c56f939

  • SHA256

    3b5ba2b93ae99f5a1329d2703c15add2a2c99c4adf8d3506c711fa3c77c9654c

  • SHA512

    6f03b19df5699546d75ed262020bf64abf104fb1be76816fb9d71348566cade673a868dbb5ac64e717055cb6dc339c2f5969a4d3e52d03bd7653af309b4def79

  • SSDEEP

    768:A00UHf57LnWykdBdusOAL/2DH9owR97k9/l4ElXYWFoHiPI6zDwKT6cBJhFd/B5Y:A00URPnKfZrT2DawRR8JfP3jZB355B/

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      2025-07-06_5e8d30b41a022262e8f5ebf15938f754_amadey_elex_gcleaner_redline-stealer_rhadamanthys_smoke-loader_stop

    • Size

      80KB

    • MD5

      5e8d30b41a022262e8f5ebf15938f754

    • SHA1

      d2ca64326b3bc5a1be53491d78a407a11c56f939

    • SHA256

      3b5ba2b93ae99f5a1329d2703c15add2a2c99c4adf8d3506c711fa3c77c9654c

    • SHA512

      6f03b19df5699546d75ed262020bf64abf104fb1be76816fb9d71348566cade673a868dbb5ac64e717055cb6dc339c2f5969a4d3e52d03bd7653af309b4def79

    • SSDEEP

      768:A00UHf57LnWykdBdusOAL/2DH9owR97k9/l4ElXYWFoHiPI6zDwKT6cBJhFd/B5Y:A00URPnKfZrT2DawRR8JfP3jZB355B/

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v16

Tasks