2025-04-19_7214c863e61df0ced03a9a2b8fd3b96c_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc

Sharing

Copy URL

Twitter E-mail

General

Target

2025-04-19_7214c863e61df0ced03a9a2b8fd3b96c_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc
Size

284KB
MD5

7214c863e61df0ced03a9a2b8fd3b96c
SHA1

6c454ff0a4e19186d34872845d8eef33be74d509
SHA256

798e2e12a4878da5c940cccafce347f0ce986937b032abdb0a0b7d753a9d0fa7
SHA512

ec7c2aff1e033539eb08dfc9c7333e370e862e20f3655c94fae64d279d595679f15bc2d15f161331ea4101663af8923551d6fc2986722cf475b7dfb51c23df59
SSDEEP

3072:TTi6PmZfAiObukmip6wQojTvw5DV5rApehT+Xo/fzkYGjwVUDnE++sl1bQ9nt1op:X1Yoqup6aaRp3jk5sQn2S+revf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-04-19_7214c863e61df0ced03a9a2b8fd3b96c_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc

Files

2025-04-19_7214c863e61df0ced03a9a2b8fd3b96c_amadey_elex_redline-stealer_rhadamanthys_smoke-loader_stealc
.exe windows:5 windows x86 arch:x86

fdd32452fd7f5c1d64dea3b8261b2bbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesW
CreateTimerQueue
CreateMutexW
lstrcmpA
SetLocaleInfoA
EnumCalendarInfoA
GetModuleHandleExA
BuildCommDCBAndTimeoutsA
CallNamedPipeA
LocalCompact
EnumCalendarInfoW
SetDefaultCommConfigW
InterlockedCompareExchange
WriteConsoleInputA
BackupSeek
_lclose
GetWindowsDirectoryA
FindActCtxSectionStringA
SetProcessPriorityBoost
GetDriveTypeA
GetEnvironmentStrings
GlobalAlloc
GetSystemDirectoryW
GetFirmwareEnvironmentVariableA
LoadLibraryW
GetFileAttributesA
TransactNamedPipe
GetConsoleAliasW
PulseEvent
CompareStringW
GetDevicePowerState
DeactivateActCtx
GetConsoleOutputCP
GetStdHandle
SetLastError
GetProcAddress
ResetEvent
OpenWaitableTimerA
OpenMutexA
CreateFileMappingA
LocalAlloc
SetCalendarInfoW
FindFirstVolumeMountPointW
WriteProfileSectionW
AddAtomA
WaitForMultipleObjects
EnumResourceTypesW
FindNextFileA
GetModuleHandleA
GetStringTypeW
WaitForDebugEvent
GetCurrentThreadId
DeleteFileW
CopyFileExA
IsValidLocale
EnumSystemLocalesA
IsDBCSLeadByte
LocalUnlock
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetLastError
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapFree
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
GetLocaleInfoW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
SetFilePointer
IsProcessorFeaturePresent
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
DeleteFileA

user32

LoadMenuA

advapi32

ReportEventW

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 39.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdd32452fd7f5c1d64dea3b8261b2bbc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 86KB - Virtual size: 85KB

.data Size: 127KB - Virtual size: 39.3MB

.rsrc Size: 70KB - Virtual size: 69KB

.text
Size: 86KB - Virtual size: 85KB

.data
Size: 127KB - Virtual size: 39.3MB

.rsrc
Size: 70KB - Virtual size: 69KB