c:\dev\everything\Release BETA (Unofficial)\Everything.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2025-07-02_c0adabc03341a02038e9f01196a0b5ad_amadey_elex_smoke-loader.exe
Resource: win10v2004-20250610-en
Behavioral task: behavioral2
Sample: 2025-07-02_c0adabc03341a02038e9f01196a0b5ad_amadey_elex_smoke-loader.exe
Resource: win11-20250619-en
General
Target: 2025-07-02_c0adabc03341a02038e9f01196a0b5ad_amadey_elex_smoke-loader
Size: 4.3MB
MD5: c0adabc03341a02038e9f01196a0b5ad
SHA1: 1b7c13dd7bf5b59ebb5b8ac611d4e8ac66cad32a
SHA256: 8f83429fd5cdd10fb6ff8647b6d5ba101a3313436fb6873052899b45ded27bd6
SHA512: 7c9f39292eb88131ff59983f423da005f0e1a533b3b897d65a3628e1b0b94d54a42a33a643a769ca0039d0525d75ced91ef129bd5debaa1f80482aeff2111ae9
SSDEEP: 49152:Dfq5q5oQVyEQF9UkZYZGy6rEJsUXQhH6eQosgxHnoQsBY:Df3hyEQLUsy6rNUAhH6edt1
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2025-07-02_c0adabc03341a02038e9f01196a0b5ad_amadey_elex_smoke-loader
Files
2025-07-02_c0adabc03341a02038e9f01196a0b5ad_amadey_elex_smoke-loader.exe windows:4 windows x86 arch:x86
f3c8681d178df41452834395380e69a5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
ord412
ord410
ord413
ImageList_GetIcon
_TrackMouseEvent
ImageList_DrawEx
ImageList_GetIconSize
InitCommonControlsEx
kernel32
FileTimeToLocalFileTime
GetCurrentProcessId
GetCurrentThread
GlobalAlloc
GetFileSize
SetErrorMode
GetFileTime
SetThreadPriority
DeviceIoControl
LocalFree
GetSystemTimeAsFileTime
GetExitCodeProcess
QueryPerformanceFrequency
FlushFileBuffers
FreeResource
LoadResource
SizeofResource
LockResource
DisconnectNamedPipe
LocalAlloc
GetTimeZoneInformation
MulDiv
CompareStringA
GetModuleHandleA
GetModuleFileNameA
SetFilePointer
GetSystemDirectoryA
InterlockedExchange
HeapSize
GetLocaleInfoA
GetStringTypeA
LCMapStringA
RtlUnwind
RaiseException
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetACP
HeapReAlloc
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
CreateThread
ExitThread
FileTimeToSystemTime
GlobalFree
WriteFile
LocalFileTimeToFileTime
DuplicateHandle
GetThreadPriority
WaitForMultipleObjects
GlobalMemoryStatus
SystemTimeToTzSpecificLocalTime
SetFileTime
GlobalLock
GetSystemInfo
GlobalUnlock
FindClose
ReadFile
VirtualLock
VirtualAlloc
GetProcessHeap
VirtualFree
HeapFree
HeapAlloc
VirtualQuery
TerminateProcess
GetCurrentProcess
LoadLibraryA
MoveFileExW
OpenProcess
GetVersionExA
GetSystemDefaultLangID
ConnectNamedPipe
InterlockedDecrement
InterlockedIncrement
SystemTimeToFileTime
FreeLibrary
SetConsoleCursorPosition
FreeConsole
SetConsoleScreenBufferSize
SetConsoleTextAttribute
AllocConsole
ExitProcess
FillConsoleOutputAttribute
GetFileType
GetConsoleScreenBufferInfo
WriteConsoleA
SetStdHandle
GetStdHandle
SetLastError
GetOverlappedResult
FindCloseChangeNotification
GetFileInformationByHandle
ResetEvent
Sleep
LeaveCriticalSection
GetLocalTime
CloseHandle
EnterCriticalSection
DeleteCriticalSection
SetEvent
InitializeCriticalSection
WaitForSingleObject
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCurrentThreadId
GetLastError
GetWindowsDirectoryA
user32
CreateMenu
UpdateWindow
EnableMenuItem
EqualRect
SetCursor
SetClipboardViewer
GetSubMenu
ChangeClipboardChain
SetMenu
EnumWindows
SetScrollInfo
RegisterHotKey
SetMenuDefaultItem
ReplyMessage
IsWindowVisible
UnregisterHotKey
OpenIcon
GetCursorPos
ClientToScreen
SetCapture
SetActiveWindow
EmptyClipboard
CheckDlgButton
GetClientRect
GetCapture
MsgWaitForMultipleObjects
SetFocus
EnumChildWindows
CopyRect
MapWindowPoints
IsZoomed
BringWindowToTop
GetMenuState
ValidateRect
GetMessagePos
GetMenu
GetLastActivePopup
GetMenuDefaultItem
GetKeyState
DestroyMenu
GetDlgItem
TrackPopupMenu
DrawFrameControl
ReleaseDC
GetDC
CreatePopupMenu
AdjustWindowRectEx
DeferWindowPos
MessageBeep
CloseClipboard
GetWindowPlacement
BeginPaint
IsDlgButtonChecked
IsIconic
SetForegroundWindow
RedrawWindow
ReleaseCapture
PtInRect
FillRect
EndDeferWindowPos
GetMenuItemCount
BeginDeferWindowPos
GetNextDlgTabItem
TrackPopupMenuEx
RemoveMenu
ScreenToClient
SetWindowPos
EndPaint
GetDlgItemInt
OffsetRect
SetCursorPos
InvalidateRgn
GetSysColorBrush
DrawIconEx
PostQuitMessage
AdjustWindowRect
GetWindowDC
InflateRect
SetDlgItemInt
DrawEdge
SetClipboardData
GetDesktopWindow
GetSysColor
EndDialog
KillTimer
SetTimer
ShowWindow
DestroyIcon
DeleteMenu
GetSystemMenu
DrawMenuBar
DestroyWindow
GetWindowThreadProcessId
IsWindow
GetKeyboardLayout
GetDoubleClickTime
WindowFromPoint
IsWindowEnabled
GetSystemMetrics
CallNextHookEx
ScrollWindowEx
GetDlgCtrlID
GetMenuItemID
GetActiveWindow
MenuItemFromPoint
GetAsyncKeyState
OpenClipboard
ActivateKeyboardLayout
GetWindowRect
CreateIconIndirect
IntersectRect
GetKeyboardLayoutList
GetScrollInfo
WaitMessage
TranslateMessage
GetForegroundWindow
GetFocus
GetParent
AttachThreadInput
InvalidateRect
gdi32
GetNearestColor
CombineRgn
CreateDIBSection
PatBlt
GetDeviceCaps
ExcludeClipRect
GetClipRgn
GetStockObject
SetTextAlign
GetTextColor
GetBkColor
SetViewportOrgEx
GetRandomRgn
GetDCOrgEx
OffsetRgn
SelectClipRgn
FillRgn
IntersectClipRect
RectVisible
StretchDIBits
CreateSolidBrush
SetBrushOrgEx
GetTextAlign
GetCurrentObject
SetBkColor
SetStretchBltMode
CreatePatternBrush
SetTextColor
UnrealizeObject
GetRegionData
SetBkMode
ExtCreateRegion
CreateBitmapIndirect
CreateRectRgn
BitBlt
DeleteDC
GetDIBits
DeleteObject
SelectObject
CreateCompatibleDC
GdiFlush
CreateCompatibleBitmap
comdlg32
CommDlgExtendedError
advapi32
StartServiceW
SetServiceStatus
RegisterServiceCtrlHandlerW
ControlService
CreateServiceW
CloseServiceHandle
DeleteService
OpenSCManagerW
StartServiceCtrlDispatcherW
RegCloseKey
RegOpenKeyA
ReportEventW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
DeregisterEventSource
RegisterEventSourceW
SetServiceObjectSecurity
QueryServiceConfigW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenServiceW
shell32
DragAcceptFiles
ord62
SHAddToRecentDocs
ord18
DragFinish
ord16
ord19
ord153
SHGetSpecialFolderLocation
SHGetDesktopFolder
ord25
ord155
ord190
ole32
RegisterDragDrop
ReleaseStgMedium
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
PropVariantClear
RevokeDragDrop
CreateStreamOnHGlobal
CLSIDFromString
CoInitializeEx
DoDragDrop
OleInitialize
CoUninitialize
CoCreateInstance
CreateBindCtx
CoTaskMemFree
oleaut32
SysFreeString
VariantChangeType
VariantInit
VariantTimeToSystemTime
VariantClear
VarDateFromStr
SysAllocString
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 440KB - Virtual size: 440KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 200KB - Virtual size: 205KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ