2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader

Sharing

Copy URL

Twitter E-mail

General

Target

2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader
Size

428KB
MD5

301c1911097e970171c6b70ddbbb5936
SHA1

a4257eb568c751b587bdcd44adb90814dcee6bc0
SHA256

d65049f8f4318152b60eeb96ecedb8f2fb8b0b2a30eed4d0e53c85dfb5aa55fc
SHA512

831153bc578309106b4b9106a1e971309ff857b8d0f187b1cfc81ef5da2ffd2eda4b0bf324db596fbd9105aefab60b2e05189108a479e828c3cb409e49633b26
SSDEEP

6144:zueLxGurWsVg44ZojxemC36lI19pFHYjhSifvGYcz1T:zueVGu6sehZ2y6lI5F0tnSh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader

Files

2025-03-30_301c1911097e970171c6b70ddbbb5936_amadey_rhadamanthys_smoke-loader
.exe windows:5 windows x86 arch:x86

c2570fa11a30da5de248ca2a99608f57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
SetComputerNameExA
SetEndOfFile
InterlockedIncrement
EnumCalendarInfoW
OpenJobObjectA
GetCurrentProcess
WriteConsoleInputA
GetComputerNameW
GetSystemDefaultLCID
CallNamedPipeW
OutputDebugStringW
GetModuleHandleW
GetCommConfig
FindNextVolumeMountPointA
GetDllDirectoryW
GetConsoleAliasExesW
EnumTimeFormatsA
EnumTimeFormatsW
GetUserDefaultLangID
SetFileShortNameW
LoadLibraryW
ReadConsoleInputA
SetConsoleCP
GetFileAttributesA
GetTimeFormatW
GetModuleFileNameW
LCMapStringA
InterlockedExchange
GetLogicalDriveStringsA
GetLastError
GetCurrentDirectoryW
ChangeTimerQueueTimer
SetLastError
GetProcAddress
VirtualAlloc
SetComputerNameA
GetTempFileNameA
LoadLibraryA
OpenEventA
GlobalUnWire
FreeEnvironmentStringsW
GetShortPathNameW
GetVersionExA
GetDiskFreeSpaceExW
TlsFree
SetFileAttributesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
HeapAlloc
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapFree
CloseHandle
TerminateProcess
IsDebuggerPresent
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsAlloc
TlsSetValue
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
HeapReAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
CreateFileA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

Sections

.text
Size: 343KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.siw
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fer
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2570fa11a30da5de248ca2a99608f57

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 343KB - Virtual size: 342KB

.data Size: 24KB - Virtual size: 43KB

.siw Size: 1024B - Virtual size: 1024B

.fer Size: 512B - Virtual size: 214B

.rsrc Size: 58KB - Virtual size: 57KB

.text
Size: 343KB - Virtual size: 342KB

.data
Size: 24KB - Virtual size: 43KB

.siw
Size: 1024B - Virtual size: 1024B

.fer
Size: 512B - Virtual size: 214B

.rsrc
Size: 58KB - Virtual size: 57KB