C:\hudson\jobs\ToolbarCore_Staging\workspace\build\ToolbarCore\toolbar\ie\src\toolbar\Release\Updater.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2025-07-04_d3c2b6c998d5a8002aabf95c33fe965f_elex_rhadamanthys_stop.exe
Resource
win10v2004-20250619-en
General
Target: 2025-07-04_d3c2b6c998d5a8002aabf95c33fe965f_elex_rhadamanthys_stop
Size: 1.9MB
MD5: d3c2b6c998d5a8002aabf95c33fe965f
SHA1: 7d1c750e191c8519d875ffce7574b4ed8fd472ac
SHA256: 064ad9605fe1a8a7f085ad3e19b68aa45c6d348632c35f38c78f20670a2b8de8
SHA512: 35a6a4b1e17f9a7a629a959fb768db0d52d81b3541e5562533e5de9353fb944c7152adacd8020e767ef0db0fde93d8d4b790a2fa9c97c7f513d4eaa880088f0b
SSDEEP: 49152:BOCH3PVx/8N+MiZFL6ZU6CENlc7dpJLrQWd:BOCH3Pr8N+M069CEN6rV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2025-07-04_d3c2b6c998d5a8002aabf95c33fe965f_elex_rhadamanthys_stop
Files
2025-07-04_d3c2b6c998d5a8002aabf95c33fe965f_elex_rhadamanthys_stop.exe windows:5 windows x86 arch:x86
8c62a28df30a69bd54801a470902cd64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
InterlockedIncrement
GetModuleHandleW
DeleteCriticalSection
SetEvent
InitializeCriticalSection
CreateMutexW
ReleaseMutex
GetVersionExW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetSystemInfo
GetSystemDefaultLangID
GetFileAttributesW
CreateDirectoryW
GetFullPathNameW
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
SetEndOfFile
QueryPerformanceCounter
UnlockFile
LockFile
GetTickCount
GetSystemTimeAsFileTime
FormatMessageA
GetFileAttributesA
FlushFileBuffers
LockFileEx
LoadLibraryA
GetVersionExA
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
OutputDebugStringW
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentDirectoryA
GetStringTypeA
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
HeapCreate
ExitProcess
GetModuleHandleA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
LCMapStringW
LCMapStringA
GetStartupInfoW
SetFileAttributesW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
Sleep
WaitForSingleObject
CreateEventW
Module32FirstW
Module32NextW
Process32FirstW
GlobalHandle
GlobalFree
SetLastError
GetModuleFileNameW
lstrcmpW
GetCurrentProcess
FlushInstructionCache
FindResourceW
LoadResource
LockResource
RaiseException
GetCurrentThreadId
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32NextW
OpenProcess
CreateProcessW
lstrlenA
MultiByteToWideChar
CopyFileW
LoadLibraryW
LocalFree
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW
ReadFile
GetFileTime
GetLastError
InterlockedDecrement
InterlockedExchange
WideCharToMultiByte
GetTempPathW
DeleteFileW
CreateFileW
WriteFile
CloseHandle
FormatMessageW
lstrlenW
LocalAlloc
user32
SetActiveWindow
ShowWindow
MoveWindow
GetActiveWindow
IsWindowVisible
GetWindowRect
UnregisterClassA
BeginPaint
IsWindow
DrawIconEx
EqualRect
GetParent
PostMessageW
SetWindowPos
LoadImageW
SetRectEmpty
SendMessageW
GetDC
ReleaseDC
RegisterClassExW
LoadCursorW
GetClassInfoExW
RegisterWindowMessageW
DefWindowProcW
ScreenToClient
InvalidateRect
EndPaint
GetDlgItem
SetWindowLongW
GetWindowLongW
LoadAcceleratorsW
LoadStringW
GetSysColorBrush
DrawTextW
DestroyWindow
SetTimer
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
MessageBoxW
GetCursorPos
UpdateWindow
PostQuitMessage
PostThreadMessageW
GetSystemMetrics
GetClientRect
PtInRect
SystemParametersInfoW
OffsetRect
CreateDialogIndirectParamW
InvalidateRgn
SetCapture
ReleaseCapture
ClientToScreen
CreateAcceleratorTableW
CharNextW
RedrawWindow
FillRect
IsChild
SetFocus
GetFocus
GetSysColor
DestroyAcceleratorTable
CallWindowProcW
SendDlgItemMessageW
CreateWindowExW
MapDialogRect
SetWindowContextHelpId
GetWindow
SetForegroundWindow
WindowFromPoint
GetClassNameW
EnumWindows
GetDesktopWindow
FindWindowW
EnumChildWindows
SendMessageTimeoutW
SetLayeredWindowAttributes
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
gdi32
SetBkMode
DeleteDC
CreateCompatibleDC
SelectObject
DeleteObject
GetStockObject
Rectangle
CreateSolidBrush
CreateCompatibleBitmap
SetTextColor
GetTextMetricsW
SetBkColor
GetBkColor
GetTextColor
CreatePen
BitBlt
StretchBlt
GetObjectW
CreateFontIndirectW
GetDIBColorTable
GetDeviceCaps
advapi32
RegEnumValueW
ConvertSidToStringSidA
GetSecurityInfo
GetAclInformation
GetAce
DeleteAce
SetSecurityInfo
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegNotifyChangeKeyValue
GetUserNameW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegFlushKey
RegQueryInfoKeyW
shell32
ShellExecuteExW
ShellExecuteW
SHGetFolderPathW
ole32
CoInitializeEx
CoInitialize
CoUninitialize
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoInitializeSecurity
CoCreateInstance
CoGetClassObject
oleaut32
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VarBstrCmp
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
shlwapi
StrStrIW
PathFileExistsW
wininet
HttpEndRequestW
InternetCanonicalizeUrlW
InternetOpenW
InternetCrackUrlW
InternetConnectW
InternetCloseHandle
InternetSetOptionW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
HttpSendRequestExW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
rpcrt4
UuidToStringW
RpcStringFreeW
UuidCreate
gdiplus
GdiplusShutdown
msimg32
TransparentBlt
AlphaBlend
psapi
GetModuleFileNameExW
crypt32
CryptMsgGetParam
CertFindCertificateInStore
CertGetNameStringW
CryptQueryObject
comctl32
ord17
oleacc
AccessibleChildren
AccessibleObjectFromWindow
AccessibleObjectFromPoint
WindowFromAccessibleObject
Sections
.text Size: 701KB - Virtual size: 700KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 469KB - Virtual size: 468KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 596KB - Virtual size: 600KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE