2025-01-21_f482f8628d2c6228ad5d2b1cdc089b6f_icedid_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2025-01-21_f482f8628d2c6228ad5d2b1cdc089b6f_icedid_smoke-loader_wapomi
Size

561KB
MD5

f482f8628d2c6228ad5d2b1cdc089b6f
SHA1

6e2d73ded040010ea239b892efc4164c9f92362a
SHA256

b5f77605f3372b9bd1ca3b696c82b1c099fa3c7866dd392f9c4e5ed48dd5e5c8
SHA512

abd042ddcd28922dbb4929d654458d9b8bf6b8743a76c834a1d155dc910092cea2befb6ee37e73d723da4ff2b1ba096d11b6d52138df4ba2b0c6e71a9598d69d
SSDEEP

12288:knsIcbXp6mxTx1H4yhMbBgOMU5ouiDaFSwNZi+s4fw:knscoyyhMbBgOrhiJSTfw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-01-21_f482f8628d2c6228ad5d2b1cdc089b6f_icedid_smoke-loader_wapomi

Files

2025-01-21_f482f8628d2c6228ad5d2b1cdc089b6f_icedid_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

5d8e5d5558a73bc0ea2a2787e9fa1386

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
CreateFileMappingA
UnmapViewOfFile
FileTimeToLocalFileTime
OpenEventA
SetEnvironmentVariableA
CompareStringW
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
LoadLibraryW
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
ExitProcess
GetFileType
SetStdHandle
VirtualAlloc
RaiseException
IsBadReadPtr
HeapValidate
GetCommandLineA
RtlUnwind
GetCurrentThread
GetLocaleInfoA
GetOEMCP
GetCPInfo
SetEvent
GlobalFlags
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FileTimeToSystemTime
GetModuleHandleW
InterlockedIncrement
GetCurrentProcessId
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CompareStringA
LoadLibraryA
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
lstrcmpA
MultiByteToWideChar
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenA
SetLastError
GetAtomNameA
GlobalGetAtomNameA
GetModuleHandleA
GetProcAddress
GetSystemInfo
GetLastError
Sleep
GetModuleFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
MapViewOfFile

user32

CharUpperA
GetWindowThreadProcessId
ReleaseCapture
SetCursor
SetRectEmpty
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringA
DrawTextExA
DrawTextA
FillRect
GetSysColorBrush
ShowWindow
SetWindowTextA
LoadCursorA
GetForegroundWindow
SetForegroundWindow
GetLastActivePopup
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
ClientToScreen
BringWindowToTop
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconA
GetClientRect
MapWindowPoints
GetSysColor
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
GetTopWindow
GetParent
GetWindow
GetCapture
WinHelpA
TrackPopupMenu
GetWindowTextA
GetKeyState
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
MessageBoxA
GetClipboardFormatNameA
UnpackDDElParam
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
RegisterWindowMessageA
GetDesktopWindow
DestroyMenu
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
PtInRect
InflateRect
IsWindow
SendMessageA
PostMessageA
TabbedTextOutA
PostQuitMessage
PeekMessageA
GetMenuItemID
GetMenuState
GetSubMenu
GetMenuItemCount
GetActiveWindow
SetActiveWindow
EnableWindow
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
IsMenu

shlwapi

PathFindFileNameA
PathIsUNCA
PathStripToRootA

setupapi

SetupDiCallClassInstaller
SetupCopyOEMInfA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupUninstallOEMInfA

newdev

UpdateDriverForPlugAndPlayDevicesA

difxapi

DriverPackageInstallA
DriverPackageUninstallA

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

CreateBitmap
DeleteDC
SaveDC
SelectObject
GetStockObject
SetBkMode
RestoreDC
CreateSolidBrush
CreatePatternBrush
CreateFontIndirectA
CreateCompatibleBitmap
CreateCompatibleDC
ExtTextOutA
PtVisible
RectVisible
BitBlt
GetPixel
TextOutA
GetTextExtentPoint32A
Escape
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
GetObjectType
DeleteObject
GetObjectA
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetFileTitleA

advapi32

RevertToSelf
SetThreadToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenThreadToken

shell32

DragFinish
DragQueryFileA

ole32

StringFromCLSID
CoTaskMemFree

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

X�S�u!
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d8e5d5558a73bc0ea2a2787e9fa1386

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

setupapi

newdev

difxapi

oleacc

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 396KB - Virtual size: 395KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 9KB - Virtual size: 24KB

.rsrc Size: 39KB - Virtual size: 39KB

X�S�u! Size: 16KB - Virtual size: 20KB

.text
Size: 396KB - Virtual size: 395KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 9KB - Virtual size: 24KB

.rsrc
Size: 39KB - Virtual size: 39KB

X�S�u!
Size: 16KB - Virtual size: 20KB