2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi
Size

78KB
MD5

d7c50ced528feffdeeaeae2bea3a794e
SHA1

6a94585deccf962905ff250dc98041eaae4419d1
SHA256

707936f318e6fe6451dbdb4b0cad30c18d96d519e46c0182a4b29ee48c77d786
SHA512

dfa5d113075804dd4ea1e098a7d3c7a25ee4b5e7d4c6e6a288f04d9262d05e5d1042939a5c6de10760b99ee66f8877cf4cf19b7ba7382309a8d91cd4c444b469
SSDEEP

1536:X4Uw62baSYSBPcPeMjXM7QybzGCq2iW7z:IUkbaTjX8Q4GCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi

Files

2024-11-27_d7c50ced528feffdeeaeae2bea3a794e_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

af07ddb9c43660a6c75e879e835ea2b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
GetDlgItem
GetClientRect
GetDlgItemTextA
SetTimer
DialogBoxParamA
SetWindowPos
SendMessageA
ShowWindow
LoadIconA
SendDlgItemMessageA
EndDialog
KillTimer
ReleaseCapture
SetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
wsprintfA

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
GetSystemInfo
GetProcAddress
GetModuleHandleA
lstrlenA
GetVersionExA
GetLocaleInfoA
LocalFree
ReadProcessMemory
LocalAlloc
GetCurrentProcess
FreeLibrary
LoadLibraryA
SetThreadContext
GetThreadContext
WriteProcessMemory
WritePrivateProfileStringA
GetPrivateProfileStringA
VirtualProtectEx
SuspendThread
Sleep
ResumeThread
CloseHandle
CreateThread
CreateFileA
ExitProcess
ExitThread
GetExitCodeThread
SetThreadPriority
OpenProcess
CreateProcessA
ReadFile
GetTickCount
TerminateProcess
GetExitCodeProcess
TerminateThread
DeleteFileA
lstrcatA
GetTempPathA
WriteFile
SetFilePointer
GetLastError
GetLocalTime
FileTimeToSystemTime
lstrcpyA
GetModuleFileNameA
SetCurrentDirectoryA
GetFileSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCommandLineA
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
HeapAlloc

shell32

DragAcceptFiles
DragQueryFileA
SHGetSpecialFolderPathA

comdlg32

GetOpenFileNameA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegDeleteValueA

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

<
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af07ddb9c43660a6c75e879e835ea2b5

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

shell32

comdlg32

advapi32

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 3KB

< Size: 16KB - Virtual size: 20KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 3KB

<
Size: 16KB - Virtual size: 20KB