c:\Code\C++\xmodify\xmodify\Debug\xmodify.pdb
Static task
static1
General
Target: 2025-05-15_2536ffb34aa788c0f3ca59d0825deca1_amadey_elex_smoke-loader
Size: 376KB
MD5: 2536ffb34aa788c0f3ca59d0825deca1
SHA1: da24e95e8f4de1807454ca18e9cc01313b43bb09
SHA256: 296078d7b7229942041cfc907d5f0dc0751e6ec0d8f576e214aa0adf198b4f36
SHA512: 1922410adcb327b0480607a1cc1ba63f6f7244a529acb04ce67cfd3b54ef58ccc6c249a8c6c29be31bd66d0fa54f5342e188f1a8fbdf5eccf043f981e63be7eb
SSDEEP: 6144:vV8FIzNUJMKg5JyZoaRsjV9la9Kwcs3v+CRon5FoV+9kyFq9f:KYMgzyVRsjPJu3v+eoQ+PFq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2025-05-15_2536ffb34aa788c0f3ca59d0825deca1_amadey_elex_smoke-loader
Files
2025-05-15_2536ffb34aa788c0f3ca59d0825deca1_amadey_elex_smoke-loader.exe windows:4 windows x86 arch:x86
24e7cbf7b27243f0da0b84fcfe3d3ee1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FindClose
GetLastError
FindNextFileA
FindFirstFileA
RtlUnwind
GetModuleFileNameA
IsBadWritePtr
IsBadReadPtr
HeapValidate
RaiseException
GetCommandLineA
GetVersionExA
GetModuleHandleA
DebugBreak
GetProcAddress
LoadLibraryA
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
TerminateProcess
GetCurrentProcess
ExitProcess
SetConsoleCtrlHandler
CloseHandle
ReadFile
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadCodePtr
GetProcessHeap
FreeLibrary
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
CreateFileA
VirtualProtect
GetSystemInfo
VirtualQuery
GetLocaleInfoA
InterlockedExchange
SetEndOfFile
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
GetLocaleInfoW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
Sections
.textbss Size: - Virtual size: 143KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 316KB - Virtual size: 314KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zero Size: 4KB - Virtual size: 3KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ