2025-03-28_4dafc0d8a7860dad94132ac11c4c1445_amadey_rhadamanthys_smoke-loader

Sharing

Copy URL

Twitter E-mail

General

Target

2025-03-28_4dafc0d8a7860dad94132ac11c4c1445_amadey_rhadamanthys_smoke-loader
Size

13.0MB
MD5

4dafc0d8a7860dad94132ac11c4c1445
SHA1

0eed1fa871a79defe25949a4ac45e3dd6c82ea1f
SHA256

f04e4fe10026a1970e62a30ef648aa4de8654c0ff76305cb699c866a630ba82b
SHA512

5248a1e14274d28ac7f0f5db121367d80dc3b4f10c8430e13a7bf1090bf061aab1541fb831bcdc65c827202b71ab19d774e8792adc97af957021e8e1a5ae22fe
SSDEEP

6144:D1wVpPJkxqmy+qzSbEnBds2UHM5wdo952N1fqHnVO9lzXXXXXXXXXXXXXXXXXXXr:IP6ot5zVng2UHMeOczX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-03-28_4dafc0d8a7860dad94132ac11c4c1445_amadey_rhadamanthys_smoke-loader

Files

2025-03-28_4dafc0d8a7860dad94132ac11c4c1445_amadey_rhadamanthys_smoke-loader
.exe windows:5 windows x86 arch:x86

ab959706f506e331fe1a330a11f83715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
UpdateResourceA
GetNumberOfConsoleMouseButtons
GetSystemWindowsDirectoryW
SetEvent
FreeEnvironmentStringsA
GetModuleHandleW
GetTickCount
CreateActCtxW
InitializeCriticalSection
AddRefActCtx
GetStringTypeExW
WriteConsoleW
EnumDateFormatsExW
TerminateProcess
GetOverlappedResult
lstrlenW
GetLogicalDriveStringsA
GetLastError
LocalAlloc
CreateEventW
QueryDosDeviceW
VirtualProtect
GetCurrentThreadId
IsBadWritePtr
FindFirstChangeNotificationW
GetCommandLineA
GetStartupInfoA
HeapValidate
IsBadReadPtr
RaiseException
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
InterlockedIncrement
InterlockedDecrement
GetProcAddress
ExitProcess
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
HeapFree
VirtualFree
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
DebugBreak
OutputDebugStringA
OutputDebugStringW
LoadLibraryW
MultiByteToWideChar
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
FlushFileBuffers
CreateFileA
CloseHandle
GetModuleHandleA

Exports

Exports

@jdukfylyi@0
@sdxfgjy@4

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12.7MB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab959706f506e331fe1a330a11f83715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 137KB - Virtual size: 137KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 13KB - Virtual size: 4.9MB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 12.7MB - Virtual size: 26KB

.text
Size: 137KB - Virtual size: 137KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 13KB - Virtual size: 4.9MB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 12.7MB - Virtual size: 26KB