2025-04-18_7af786e451829fefbc5c6672ea3a6d50_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc

Resubmissions

18/04/2025, 14:05

250418-rd6w4avwhv 10

18/04/2025, 14:00

250418-rbdsjavvhv 10

Sharing

Copy URL

Twitter E-mail

General

Target

2025-04-18_7af786e451829fefbc5c6672ea3a6d50_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc
Size

276KB
MD5

7af786e451829fefbc5c6672ea3a6d50
SHA1

9384f7a539330790353566a43f3bde5789e42d3b
SHA256

acc1f255884c2fcdacb7f77d6753e96aba681fd9ae3cc84f691a9feb6934428f
SHA512

c5ae9bee23208d3490ffd75308b08c4e3073e6b75b8f578fa1e9daa90d2d176dff5e8923848af2983f2a58295e48dd43ca864f5563a7d7dfefc829088f3dcd1b
SSDEEP

3072:PsZEuVr9l/jwWZt1bJfmMfeWGiIIxIBfXjtYueC5KiOwvRiY0bcuq5/f5gN84qvM:kftjbNG0IBBgiZvRVenw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-04-18_7af786e451829fefbc5c6672ea3a6d50_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc

Files

2025-04-18_7af786e451829fefbc5c6672ea3a6d50_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc
.exe windows:5 windows x86 arch:x86

9fa9386b668592c6b6f4c3793199047d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocaleInfoA
WritePrivateProfileStructA
BuildCommDCBAndTimeoutsA
LocalCompact
EnumCalendarInfoW
VerSetConditionMask
SetDefaultCommConfigW
GetModuleHandleExW
WaitForSingleObject
WriteConsoleInputA
CallNamedPipeW
_lclose
GetCurrentThread
SetProcessPriorityBoost
GetEnvironmentStrings
GlobalAlloc
GetSystemDirectoryW
GetFirmwareEnvironmentVariableA
LoadLibraryW
GetFileAttributesA
TransactNamedPipe
GetConsoleAliasW
IsDBCSLeadByte
CompareStringW
GetDevicePowerState
DeactivateActCtx
lstrcmpA
GetStdHandle
SetLastError
GetProcAddress
ResetEvent
OpenWaitableTimerA
OpenMutexA
CreateFileMappingA
LocalAlloc
FindFirstVolumeMountPointW
WriteProfileSectionW
AddAtomA
EnumResourceTypesW
FindNextFileA
GetModuleHandleA
ContinueDebugEvent
CreateMutexA
GetStringTypeW
FatalAppExitA
SetCalendarInfoA
GetWindowsDirectoryW
DeleteFileW
EnumCalendarInfoExA
CopyFileExA
DeleteFileA
EnumSystemLocalesA
GetLocaleInfoA
GetConsoleOutputCP
GetPrivateProfileSectionNamesW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
GetLocaleInfoW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
SetFilePointer
IsProcessorFeaturePresent
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetUserDefaultLCID
IsValidLocale

user32

LoadMenuA

advapi32

GetKernelObjectSecurity

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 39.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9fa9386b668592c6b6f4c3793199047d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 86KB - Virtual size: 85KB

.data Size: 127KB - Virtual size: 39.3MB

.rsrc Size: 62KB - Virtual size: 61KB

.text
Size: 86KB - Virtual size: 85KB

.data
Size: 127KB - Virtual size: 39.3MB

.rsrc
Size: 62KB - Virtual size: 61KB