malware_smoke_2031282100

Sharing

Copy URL Twitter E-mail

General

Target

malware_smoke_2031282100
Size

1004KB
MD5

f7ca6ae1dc453ec9a38521434cd628f4
SHA1

fc93b89044d8b46b0dcbfbe233938dc8413ec3de
SHA256

db4244833901ba3af6a6067a221158fd6ff5c716cf71d4b793bed6f9f531f823
SHA512

4dab36acc88c07f78f7213b4a31b9c3d00957fb594eae05ec473799bb7514dbf3e7a8925825f77f28955efa0e98e0fa00899a3d1b1996a93c5ae935bd3342688
SSDEEP

24576:ooW6nH8FR0j1LI6FLq4FMHF+wQziDz/Ku7:Q6nrju68NQzumu

Score

N/A

Malware Config

Signatures

Files

malware_smoke_2031282100
.exe windows x86

36dfb94e2fea360320c145e499a37060

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
OpenJobObjectA
ZombifyActCtx
GetConsoleAliasesA
GetConsoleTitleA
LoadLibraryW
WriteConsoleW
GetModuleFileNameW
GetOverlappedResult
FreeLibraryAndExitThread
SetLastError
GetProcAddress
GetLongPathNameA
lstrcpynA
CreateConsoleScreenBuffer
WriteProfileSectionA
LoadLibraryA
LocalAlloc
MoveFileA
GetModuleFileNameA
EnumDateFormatsW
GetShortPathNameW
GetFileInformationByHandle
InterlockedPushEntrySList
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapCreate
HeapAlloc
EncodePointer
DecodePointer
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
CloseHandle
GetModuleHandleW
ExitProcess
WriteFile
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
Sleep
SetStdHandle
RtlUnwind
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
MultiByteToWideChar
HeapSize
LCMapStringW
GetStringTypeW
CreateFileW

winhttp

WinHttpSetDefaultProxyConfiguration

Sections

.text
Size: 914KB - Virtual size: 913KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36dfb94e2fea360320c145e499a37060

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winhttp

Sections

.text Size: 914KB - Virtual size: 913KB

.data Size: 25KB - Virtual size: 58KB

.rsrc Size: 57KB - Virtual size: 1.0MB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 914KB - Virtual size: 913KB

.data
Size: 25KB - Virtual size: 58KB

.rsrc
Size: 57KB - Virtual size: 1.0MB

.reloc
Size: 6KB - Virtual size: 5KB