2025-02-02_a8162f1275e1330a99017516dc98b0d6_icedid_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-02_a8162f1275e1330a99017516dc98b0d6_icedid_smoke-loader_wapomi
Size

444KB
MD5

a8162f1275e1330a99017516dc98b0d6
SHA1

07cdabcf3fd448d8798841eea46a0a3c6b6b45c1
SHA256

951307652cb77ab475512a2faefdf2ddc71d2180792439be21ff198469e33b48
SHA512

e32b43c0253606beaa57d3b62eedc2c5d8a69976e300eb08d3af9b50e4ff9378fb860ae33bd115b3dac46d1ea0d75fecde6ac77fb6246fe0b3683b101887b6fa
SSDEEP

12288:pwRIZMUz71bA5m/hbWM467m6zjCjH1uiuREDRS:pwRIZMUz5bA5QwN6PCjHV9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-02_a8162f1275e1330a99017516dc98b0d6_icedid_smoke-loader_wapomi

Files

2025-02-02_a8162f1275e1330a99017516dc98b0d6_icedid_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

871a5bc11d9cfac44dd7e3f05b7d91d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\SKE\stripperX\_Release\stripperX.pdb

Imports

kernel32

GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
VirtualProtect
VirtualQuery
Sleep
ExitProcess
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WritePrivateProfileStringA
GlobalFlags
InterlockedIncrement
GetModuleHandleW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetThreadLocale
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
GetVersionExA
FreeResource
GlobalAddAtomA
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
MultiByteToWideChar
lstrlenA
WriteProcessMemory
ReadProcessMemory
SwitchToThread
ResumeThread
SuspendThread
GetCurrentDirectoryA
OpenThread
SetCurrentDirectoryA
CreateProcessA
VirtualAlloc
ReadFile
VirtualFree
SetFilePointer
GetFileSize
VirtualProtectEx
GetProcAddress
GetExitCodeProcess
VirtualFreeEx
GetVersion
GetModuleHandleA
VirtualAllocEx
TerminateProcess
GetModuleFileNameA
DeviceIoControl
GetLastError
GetCurrentThread
WaitForSingleObject
CreateThread
CloseHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WriteFile
CreateFileA
GetThreadContext
GetComputerNameA
GetSystemInfo
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
GetStringTypeW
FindResourceA

user32

DestroyMenu
UnregisterClassA
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
CharNextA
InvalidateRect
SetRect
MessageBeep
CharUpperA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
CheckRadioButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EnableWindow
GetSystemMetrics
GetSysColor
SendMessageA
GetClientRect
EndDialog
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextLengthA
GetWindowTextA
IsWindow
SetFocus
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PostThreadMessageA
IsWindowVisible
GetKeyState
RegisterClipboardFormatA
SetForegroundWindow
DrawIcon
LoadIconA
KillTimer
IsIconic
SetTimer
MessageBoxA
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostMessageA
SetCursor
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
ValidateRect
GetCursorPos
PeekMessageA
GetTopWindow

gdi32

CreateRectRgnIndirect
GetBkColor
GetTextColor
GetMapMode
GetStockObject
DeleteDC
ExtSelectClipRgn
ExtTextOutA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetRgnBox
CreateFontA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectA
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
Escape

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

CreateServiceA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
ControlService
OpenSCManagerA
StartServiceA
RegQueryValueExA
DeleteService
CloseServiceHandle
OpenServiceA
GetUserNameA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyA
RegDeleteKeyA

comctl32

ord17

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoUninitialize

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

Sections

.text
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��$�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

871a5bc11d9cfac44dd7e3f05b7d91d2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 310KB - Virtual size: 310KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 18KB - Virtual size: 18KB

��$�u� Size: 16KB - Virtual size: 20KB

.text
Size: 310KB - Virtual size: 310KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 18KB - Virtual size: 18KB

��$�u�
Size: 16KB - Virtual size: 20KB