2024-11-27_219380d42a4b0a7f76f8c3cc098479b7_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-11-27_219380d42a4b0a7f76f8c3cc098479b7_smoke-loader_wapomi
Size

80KB
MD5

219380d42a4b0a7f76f8c3cc098479b7
SHA1

00a72c989045650fade5e44ecc5df291215d8c9f
SHA256

2db1f0083e383bbda658662749951742c1e8790f32c18e918c643e2fbd625f7f
SHA512

0eb968ffe8a9c0617be66bd17d123d5b0453d7583c160c5899c0b24234b6dcd10cac90e8965be054bf040fcd9b93e9a34cc7400d73f8e5274070ae38f1714a44
SSDEEP

1536:UEB6rH+8W3bN7PUA6pLr3+McGCq2iW7z:U66rH/nRpX+FGCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-11-27_219380d42a4b0a7f76f8c3cc098479b7_smoke-loader_wapomi

Files

2024-11-27_219380d42a4b0a7f76f8c3cc098479b7_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

a8d7b9fc28424db3c4fefc92d9b32c9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStructA
Sleep
VirtualProtectEx
ContinueDebugEvent
WaitForDebugEvent
CloseHandle
WriteProcessMemory
SuspendThread
ResumeThread
CreateFileA
GetVersionExA
CreateThread
GetFileSize
GetTickCount
OpenProcess
TerminateThread
GetFileAttributesA
GetExitCodeProcess
CreateProcessA
TerminateProcess
ReadFile
ExitThread
SetCurrentDirectoryA
FindFirstFileA
FindClose
FindNextFileA
lstrcpyA
SetFilePointer
lstrlenA
WriteFile
lstrcatA
GetLastError
GetLocalTime
WritePrivateProfileStringA
FileTimeToSystemTime
GetSystemInfo
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetPrivateProfileStringA
WritePrivateProfileStructA
GetThreadContext
LocalFree
GetExitCodeThread
LocalAlloc
LoadLibraryA
GetProcAddress
ReadProcessMemory
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
FreeLibrary
GetModuleFileNameA
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter

user32

GetSystemMetrics
CreateWindowExA
GetDlgItemTextA
ScreenToClient
RegisterClassExA
SendDlgItemMessageA
LoadIconA
GetClientRect
SendMessageA
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
ReleaseCapture
LoadCursorA
DialogBoxParamA
MoveWindow
SetDlgItemTextA
GetWindowRect
CheckDlgButton
IsDlgButtonChecked
wsprintfA
InvalidateRect

gdi32

DeleteObject
CreateSolidBrush
SetBkColor

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

DragFinish
DragAcceptFiles
DragQueryFileA

comctl32

InitCommonControlsEx

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

-bգuS
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8d7b9fc28424db3c4fefc92d9b32c9e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 4KB

-bգuS Size: 16KB - Virtual size: 20KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 4KB

-bգuS
Size: 16KB - Virtual size: 20KB