Static task
static1
Behavioral task
behavioral1
Sample
2025-01-02_4eee65406b2d09df1fa5f4acdfbcae3a_smoke-loader_wapomi.exe
Resource
win7-20241010-en
General
Target
2025-01-02_4eee65406b2d09df1fa5f4acdfbcae3a_smoke-loader_wapomi
Size
820KB
MD5
4eee65406b2d09df1fa5f4acdfbcae3a
SHA1
3bff4caafeb79c311078b67e9a1703dd229b2a82
SHA256
dbeb578c366bac54e21557e07d3af90c757e134e1cf90ebe8fd799650fd3838f
SHA512
749cdba975ee6aa1039a08a77cbf54677f8bb93abbaa374b82d0f5372877d1c2fc8a09aad0ff0e8f01dc5e939c3a6b3598552a41fd8ab7f5b3e69108cc461667
SSDEEP
12288:In78aejEi7Qec2MDFs88z1y55r4cP43NC+HvnPmygtMqU0LbE8bKFZQLPkNmGKG+:+gEiXc22uz1y5ffx1t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2025-01-02_4eee65406b2d09df1fa5f4acdfbcae3a_smoke-loader_wapomi
Files
2025-01-02_4eee65406b2d09df1fa5f4acdfbcae3a_smoke-loader_wapomi.exe windows:4 windows x86 arch:x86
8983cbc8e2f8d9517827f2401b3d72f1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalDeleteAtom
FreeLibrary
GlobalAlloc
lstrcmpA
GlobalLock
SizeofResource
LockResource
LoadResource
FindResourceA
LoadLibraryA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
GlobalAddAtomA
SetLastError
GetCurrentProcessId
FreeResource
GlobalFree
GlobalUnlock
MulDiv
GlobalSize
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetStringTypeExW
InterlockedDecrement
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetThreadLocale
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
CreateFileA
GetCPInfo
GetOEMCP
GetAtomNameA
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesA
GetFileTime
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
ExitThread
CreateThread
RaiseException
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
GetStdHandle
GetACP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
InterlockedExchange
GetVersionExA
FormatMessageA
LocalFree
MultiByteToWideChar
OpenProcess
TerminateProcess
CopyFileA
WinExec
FindFirstFileA
SetFileAttributesA
DeleteFileA
FindClose
WideCharToMultiByte
WaitForSingleObject
TerminateThread
WritePrivateProfileStringA
CreateDirectoryA
GetSystemDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
Sleep
GetExitCodeProcess
CloseHandle
GetLastError
GetModuleHandleA
GetProcAddress
GetModuleFileNameW
GetCurrentProcess
user32
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
DeleteMenu
SetCapture
WindowFromPoint
LoadCursorA
ReleaseCapture
WaitMessage
GetSysColorBrush
DestroyIcon
GetDialogBaseUnits
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
InflateRect
GetMenuItemInfoA
DestroyMenu
UnregisterClassA
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
GetKeyNameTextA
MapVirtualKeyA
GetSystemMenu
SetParent
UnionRect
PostThreadMessageA
SetTimer
GetDCEx
LockWindowUpdate
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
FillRect
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
SendDlgItemMessageA
SetScrollInfo
SetDlgItemTextA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
FindWindowA
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetClassInfoA
IsDlgButtonChecked
MessageBoxA
SendMessageA
FindWindowExA
DrawIcon
PostMessageA
IsIconic
WinHelpA
IsChild
GetCapture
GetClientRect
KillTimer
GetClassLongA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
EnableWindow
LoadIconA
GetSystemMetrics
wsprintfA
CharLowerA
CharLowerW
CharUpperA
CharUpperW
CheckDlgButton
PtInRect
RegisterWindowMessageA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetScrollInfo
GetTopWindow
SetWindowPlacement
advapi32
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueA
RegCreateKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA
shell32
ShellExecuteExA
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
SHGetFolderPathA
ole32
OleUninitialize
OleRun
StringFromGUID2
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
OleInitialize
oleaut32
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
SysFreeString
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SysAllocStringLen
setupapi
SetupPromptReboot
SetupOpenInfFileA
SetupGetInfInformationA
SetupQueryInfVersionInformationA
SetupDiDestroyDeviceInfoList
SetupCloseInfFile
CM_Locate_DevNode_ExA
CM_Reenumerate_DevNode_Ex
SetupDiGetDeviceRegistryPropertyA
SetupQueryInfFileInformationA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
newdev
UpdateDriverForPlugAndPlayDevicesA
psapi
GetModuleFileNameExA
EnumProcesses
shlwapi
StrStrIA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
oledlg
ord8
gdi32
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
SetRectRgn
RectVisible
CombineRgn
GetDeviceCaps
CopyMetaFileA
CreateDCA
GetDCOrgEx
ScaleWindowExtEx
SetTextColor
SetBkColor
GetObjectA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
PtVisible
SelectObject
Escape
ExtTextOutA
TextOutA
GetClipBox
CreateBitmap
StretchDIBits
CreateFontA
GetCharWidthA
CreateCompatibleBitmap
DPtoLP
PatBlt
GetMapMode
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
Sections
.text Size: 600KB - Virtual size: 597KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 4KB - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
��w��uS Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE