2025-01-08_9989e89ac4d45c080983838e5221aceb_smoke-loader_wapomi | Triage

Sharing

General

Target

2025-01-08_9989e89ac4d45c080983838e5221aceb_smoke-loader_wapomi
Size

34KB
MD5

9989e89ac4d45c080983838e5221aceb
SHA1

971c00e5778e2193f31d5512e7996a47a1b515b3
SHA256

2bef33f332a2fc7a970f40bb27068174a74c0e334ffad0bd5ea636d416ea5914
SHA512

30f39b17ba5d63dd71148db6fdc24707ab643e5377164141d08c84d2e54e755d83432e6172c80ad5a1e6dac85a541cc4ef761180d835d960fc5677b5d47e1988
SSDEEP

768:wH7I9NxEm95wtT2UihkOTNQGPL4vzZq2o9W7GsxBbPr:+I0ywJ2UihpT6GCq2iW7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-01-08_9989e89ac4d45c080983838e5221aceb_smoke-loader_wapomi

Files

2025-01-08_9989e89ac4d45c080983838e5221aceb_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

ca08e790f1889f55b29a262374afe164

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineW
GetTickCount
GetPrivateProfileStringW
WideCharToMultiByte
Sleep
lstrcpynW
GetModuleFileNameW
lstrcmpW
lstrlenW
WritePrivateProfileStringW
lstrcmpiA
lstrcmpiW
CloseHandle
lstrcpyW
CreateThread
ExpandEnvironmentStringsW
HeapAlloc
GetProcessHeap
HeapFree

user32

GetSystemMetrics
SendMessageW
ShowWindow
SetWindowPos
SetWindowLongW
CharUpperW
PeekMessageW
GetWindowLongW
MessageBoxA
GetForegroundWindow
wsprintfW
FindWindowW
wsprintfA
CharUpperA
SetForegroundWindow
GetLastActivePopup
PostMessageW
RegisterWindowMessageW
SendInput
GetWindowRect
MapVirtualKeyW
VkKeyScanW
GetWindowThreadProcessId
FindWindowExW

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

^�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE