2024-12-21_52ada9fec77227a1fab3d1f273a911de_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-12-21_52ada9fec77227a1fab3d1f273a911de_smoke-loader_wapomi
Size

101KB
MD5

52ada9fec77227a1fab3d1f273a911de
SHA1

297f5257345a4e560f697264a32309eba22d8cb3
SHA256

6b511995b4c41091f5ac6f69d47dc6fd2cffebae74e8273c138a4406bcea8dd2
SHA512

a4772aa0e0d19fc9955bf9dc5ee598acf6888d9fae211693d935745dc27324e9eb08a55720455d3caf9155b36c4e9cdab65d8d38ff986364929f23733fe2dfff
SSDEEP

3072:+zbXTOKfDKPvJbLL/3nkXCgaBDwouMip5Qvb4GCH:+zbXiw0kXCIMHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-12-21_52ada9fec77227a1fab3d1f273a911de_smoke-loader_wapomi

Files

2024-12-21_52ada9fec77227a1fab3d1f273a911de_smoke-loader_wapomi
.exe windows:4 windows x86 arch:x86

70055ac913af1cf51944ed6e600187b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Projects\VS2005\CredHistView\Release\CredHistView.pdb

Imports

msvcrt

__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
__p__fmode
__dllonexit
qsort
_itow
wcsrchr
wcstoul
_wcslwr
strlen
wcscmp
malloc
__set_app_type
_controlfp
_except_handler3
_onexit
wcsncmp
_wcsnicmp
wcschr
free
modf
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsicmp
wcslen
memcpy
_purecall
_ultow
_wtoi
wcscpy
memset
wcscat
_snwprintf
wcsncat

comctl32

ImageList_ReplaceIcon
ImageList_Create
ord17
ImageList_Add
ImageList_SetImageCount
ImageList_AddMasked
CreateStatusWindowW
CreateToolbarEx

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

OpenProcess
ExitProcess
GetCurrentProcessId
ReadProcessMemory
DeleteFileW
EnumResourceTypesW
GetModuleHandleA
GetStartupInfoW
GetProcAddress
SetErrorMode
GetTickCount
GetStdHandle
LocalFree
FreeLibrary
LoadLibraryW
GetLastError
CloseHandle
GetFileSize
GetModuleHandleW
CreateFileW
LoadLibraryExW
GlobalAlloc
GetSystemDirectoryW
lstrcpyW
lstrlenW
WideCharToMultiByte
GetCurrentProcess
GlobalUnlock
GetTempPathW
GetLocaleInfoW
GlobalLock
SizeofResource
FormatMessageW
GetVersionExW
GetWindowsDirectoryW
GetFileAttributesW
WriteFile
FindResourceW
LoadResource
ReadFile
GetNumberFormatW
GetModuleFileNameW
LockResource
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
EnumResourceNamesW

user32

GetMonitorInfoW
MonitorFromWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
SetCursor
ReleaseDC
LoadCursorW
GetSysColorBrush
GetMessageW
ChildWindowFromPoint
GetDC
DrawFrameControl
GetWindowRect
SetWindowTextW
GetDlgItemInt
InvalidateRect
UpdateWindow
SendMessageW
SetDlgItemTextW
GetDlgItemTextW
EndPaint
GetWindowPlacement
GetSystemMetrics
SetDlgItemInt
DeferWindowPos
BeginPaint
GetClientRect
CreateWindowExW
SetWindowPos
SendDlgItemMessageW
GetWindow
EndDialog
SetWindowLongW
GetDlgItem
PostMessageW
DefWindowProcW
RegisterClassW
TranslateAcceleratorW
MessageBoxW
SetMenu
GetForegroundWindow
LoadAcceleratorsW
LoadImageW
LoadIconW
GetSysColor
GetWindowLongW
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
GetMenu
GetSubMenu
EmptyClipboard
EnableMenuItem
GetClassNameW
OpenClipboard
MoveWindow
CheckMenuItem
GetMenuItemCount
GetMenuStringW
SetClipboardData
EnableWindow
GetCursorPos
CloseClipboard
MapWindowPoints
GetParent
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
GetDesktopWindow
GetWindowTextW
LoadMenuW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
DrawTextExW
GetKeyState
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
ShowWindow

gdi32

GetStockObject
GetTextExtentPoint32W
SetBkColor
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
DeleteDC
SetPixel
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
DeleteObject
SetTextColor
CreateFontIndirectW
GetDeviceCaps
SetBkMode

comdlg32

FindTextW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
ConvertSidToStringSidW

shell32

SHGetFileInfoW
ShellExecuteW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��q,�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70055ac913af1cf51944ed6e600187b5

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 8KB

.rsrc Size: 25KB - Virtual size: 25KB

��q,�u� Size: 16KB - Virtual size: 20KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 8KB

.rsrc
Size: 25KB - Virtual size: 25KB

��q,�u�
Size: 16KB - Virtual size: 20KB