2024-12-21_b1deb7992fc27ed4f4b4307d1a8ce615_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-12-21_b1deb7992fc27ed4f4b4307d1a8ce615_smoke-loader_wapomi
Size

115KB
MD5

b1deb7992fc27ed4f4b4307d1a8ce615
SHA1

88e014372574dd35cf0a475d72cd9ba0c2916c62
SHA256

b4bfb07b932ed7367c88b76f6d56e4b0bb3d3b8a49012aa0fa8a5b091d5d757c
SHA512

e332e59496090f451c357a9404236dd27118f23140fa6a20c851deeb65b592f157335962b16b35139819851e32e97a8f5d4f038a6c05c471de39414df47d31d0
SSDEEP

3072:Y4QdYiyJpcXWJ2JWfO1e4LwbNp5Q/TdGCH:Y4LJVf7WI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-12-21_b1deb7992fc27ed4f4b4307d1a8ce615_smoke-loader_wapomi

Files

2024-12-21_b1deb7992fc27ed4f4b4307d1a8ce615_smoke-loader_wapomi
.exe windows:4 windows x86 arch:x86

5935b7ee332db3318bd72c9e06b8743e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Projects\VS2005\OutlookAccountsView\Release\OutlookAccountsView.pdb

Imports

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
_memicmp
qsort
_wcslwr
_itow
wcsrchr
wcstoul
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
strlen
malloc
wcscmp
wcsncmp
_wcsnicmp
wcschr
free
modf
??3@YAXPAX@Z
??2@YAPAXI@Z
wcslen
_wcsicmp
memcmp
memcpy
_purecall
_ultow
_wtoi
wcscpy
memset
wcscat
_snwprintf
wcsncat

comctl32

ImageList_Add
ImageList_SetImageCount
ImageList_AddMasked
CreateToolbarEx
CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_Create
ord17

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

crypt32

CryptUnprotectData

kernel32

CreateProcessW
SetEnvironmentVariableW
Sleep
GetCurrentThreadId
EnumResourceTypesW
GetModuleHandleA
OpenProcess
GetStartupInfoW
CloseHandle
GetLastError
GetProcAddress
FreeLibrary
LoadLibraryW
GetFileSize
LocalFree
LocalAlloc
GetModuleHandleW
LoadResource
ReadFile
GetModuleFileNameW
LockResource
CreateFileW
LoadLibraryExW
GlobalAlloc
GetSystemDirectoryW
MultiByteToWideChar
lstrcpyW
lstrlenW
WideCharToMultiByte
GlobalUnlock
GetCurrentProcess
GetTempPathW
GlobalLock
SizeofResource
FindNextFileW
FindFirstFileW
FormatMessageW
FindClose
GetVersionExW
GetWindowsDirectoryW
GetFileAttributesW
WriteFile
FindResourceW
EnumResourceNamesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetStdHandle
GetTickCount
SetErrorMode
DeleteFileW
ReadProcessMemory
GetCurrentProcessId
ExitProcess

user32

SetCursor
ReleaseDC
LoadCursorW
GetSysColorBrush
ShowWindow
ChildWindowFromPoint
GetDC
GetWindowRect
SetWindowTextW
GetDlgItemInt
InvalidateRect
UpdateWindow
SendMessageW
SetDlgItemTextW
GetDlgItemTextW
EndPaint
GetWindowPlacement
GetSystemMetrics
SetDlgItemInt
DeferWindowPos
BeginPaint
GetClientRect
CreateWindowExW
SetWindowPos
SendDlgItemMessageW
GetWindow
EndDialog
SetWindowLongW
GetDlgItem
PostMessageW
DefWindowProcW
RegisterClassW
TranslateAcceleratorW
MessageBoxW
SetMenu
GetForegroundWindow
LoadAcceleratorsW
LoadImageW
LoadIconW
GetSysColor
GetWindowLongW
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
GetMenu
GetSubMenu
EmptyClipboard
EnableMenuItem
GetClassNameW
OpenClipboard
MoveWindow
CheckMenuItem
GetMenuItemCount
GetMenuStringW
SetClipboardData
EnableWindow
GetCursorPos
CloseClipboard
MapWindowPoints
GetParent
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
DestroyMenu
DialogBoxParamW
CreateDialogParamW
EnumChildWindows
LoadStringW
DestroyWindow
GetDesktopWindow
GetWindowTextW
LoadMenuW
DrawTextExW
GetKeyState
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
GetMessageW
DispatchMessageW
IsDialogMessageW
TranslateMessage
GetMonitorInfoW
MonitorFromWindow
GetWindowThreadProcessId
EnumWindows
AttachThreadInput
SetForegroundWindow
DrawFrameControl

gdi32

GetStockObject
GetTextExtentPoint32W
SetBkColor
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
SetPixel
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
DeleteDC
DeleteObject
SetTextColor
CreateFontIndirectW
GetDeviceCaps
SetBkMode

comdlg32

ChooseFontW
FindTextW
GetSaveFileNameW

advapi32

RegConnectRegistryW
QueryServiceStatus
ChangeServiceConfigW
ControlService
CloseServiceHandle
RegCloseKey
OpenSCManagerW
GetUserNameW
OpenServiceW
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExW
GetTokenInformation
OpenProcessToken
StartServiceW

shell32

ShellExecuteExW
SHGetFileInfoW
ShellExecuteW

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ȝ��u
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5935b7ee332db3318bd72c9e06b8743e

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

version

crypt32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 59KB - Virtual size: 59KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 1KB - Virtual size: 8KB

.rsrc Size: 22KB - Virtual size: 21KB

Ȝ��u Size: 16KB - Virtual size: 20KB

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 22KB - Virtual size: 21KB

Ȝ��u
Size: 16KB - Virtual size: 20KB