2025-02-02_1dfbc1bc4b4b6bfe57f5aaf82466354b_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-02_1dfbc1bc4b4b6bfe57f5aaf82466354b_smoke-loader_wapomi
Size

779KB
MD5

1dfbc1bc4b4b6bfe57f5aaf82466354b
SHA1

2d7db55a4741cfc710e4f3b2ee23dbc1604ba3c2
SHA256

e2934714e4c055e8378b6e35fcbcb3594643af811a5ccb2a68ca8394072a3c1a
SHA512

9feb9144ff6336de57810bcab4c1722012548a2f006109182409891511a1cf4142f3300388eb458a2e7fe36642a604b9d3447ed978063f2164069f53dc1f760b
SSDEEP

12288:QRYPGFJKTXO/7X8zoJrobeJqUgUeXBZRKnCq5mZL0cac:P+eTX+73ro6JjgUexZRcCpLF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-02_1dfbc1bc4b4b6bfe57f5aaf82466354b_smoke-loader_wapomi

Files

2025-02-02_1dfbc1bc4b4b6bfe57f5aaf82466354b_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

0792fb9ff2d6f4264a20687220a93e9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualProtect
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
HeapSize
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
RaiseException
RtlUnwind
HeapReAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetStringTypeExW
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
GlobalGetAtomNameW
lstrlenA
lstrcmpA
GetCurrentProcessId
GetModuleHandleA
InterlockedDecrement
WideCharToMultiByte
FormatMessageW
LocalFree
lstrlenW
CompareStringW
LoadLibraryA
lstrcmpW
MultiByteToWideChar
GetVersionExA
ExitThread
ReadFile
GetFileSize
CreateProcessW
GetShortPathNameW
CreateThread
TerminateProcess
SetPriorityClass
GetPriorityClass
Sleep
HeapAlloc
GetProcessHeap
HeapFree
GetWindowsDirectoryW
GetCurrentProcess
GetModuleFileNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetCurrentThreadId
GetTickCount
GetLastError
SetLastError
MulDiv
GetVersionExW
GetVersion
FreeLibrary
GetProcAddress
LoadLibraryW
FreeResource
GetModuleHandleW
IsBadReadPtr
ReadProcessMemory
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualQueryEx
GetSystemInfo
OpenProcess
WriteFile
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualFree
VirtualAlloc
CloseHandle
CreateFileW
IsValidCodePage

user32

SetWindowContextHelpId
ShowOwnedPopups
GetSysColorBrush
UnregisterClassW
CharUpperW
CharNextW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
PostThreadMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
UpdateWindow
MessageBoxW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetDlgCtrlID
SystemParametersInfoA
GetWindowTextLengthW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
PostMessageW
EnumChildWindows
IsWindowEnabled
GetWindowTextW
EnumWindows
GetWindowThreadProcessId
SetForegroundWindow
MapDialogRect
DrawIcon
IsIconic
SetRectEmpty
SetFocus
SetCapture
PtInRect
SetParent
GetCursorPos
IsChild
GetFocus
MenuItemFromPoint
EndPaint
BeginPaint
ValidateRect
DefWindowProcW
DrawMenuBar
SetMenu
DestroyMenu
CallNextHookEx
SetPropW
GetClassNameW
CallWindowProcW
RemovePropW
GetPropW
UnhookWindowsHookEx
SetWindowsHookExW
KillTimer
SetLayeredWindowAttributes
IntersectRect
CreatePopupMenu
DeleteMenu
RedrawWindow
ClientToScreen
IsRectEmpty
GetMenuState
LoadMenuW
GetDesktopWindow
ModifyMenuW
AppendMenuW
GetMenuDefaultItem
DrawFocusRect
DrawEdge
GetMessagePos
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
InflateRect
DrawStateW
PostQuitMessage
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
GetMenuItemID
GetSubMenu
GetSystemMenu
GetMenu
WindowFromDC
GetMenuInfo
GetKeyNameTextW
MapVirtualKeyW
CopyAcceleratorTableW
DestroyIcon
GetIconInfo
CopyImage
FillRect
OffsetRect
GetWindowRect
SystemParametersInfoW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
LoadAcceleratorsW
GetMenuItemInfoW
GetMenuItemRect
SetMenuInfo
IsMenu
GetWindowDC
GetMenuItemCount
WindowFromPoint
GetMenuStringW
IsWindowVisible
GetSystemMetrics
CopyRect
SetRect
LoadBitmapW
SetTimer
GetWindowLongW
SetWindowLongW
SetWindowPlacement
GetWindowPlacement
MoveWindow
GetWindow
IsDialogMessageW
IsWindow
GetMessageW
ShowWindow
SetWindowTextW
CreateDialogParamW
EndDialog
InvalidateRect
TrackMouseEvent
SetCursor
ShowCursor
GetSysColor
LoadCursorW
SetDlgItemTextW
GetParent
GetDlgItemTextW
LoadIconW
ReleaseDC
GetDC
wsprintfW
GetClientRect
SetWindowPos
CreateWindowExW
SendMessageW
EnableWindow
DispatchMessageW
TranslateMessage
ReleaseCapture

gdi32

GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
LineTo
ExtSelectClipRgn
GetStockObject
GetMapMode
GetBkColor
GetRgnBox
ExcludeClipRect
IntersectClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetTextColor
GetClipBox
PatBlt
DPtoLP
SelectClipRgn
CreateRectRgnIndirect
CombineRgn
DeleteObject
SetBrushOrgEx
UnrealizeObject
Rectangle
PtVisible
RectVisible
Escape
RoundRect
GetNearestColor
SetWindowOrgEx
CreateSolidBrush
CreatePatternBrush
CreateCompatibleBitmap
GetTextColor
GetCurrentPositionEx
GetTextExtentPointW
ExtTextOutW
MoveToEx
SetTextAlign
GetLayout
CreateFontIndirectW
GetTextMetricsW
GetTextAlign
GetCurrentObject
SetPixel
GetPixel
SetBkColor
CreateBitmap
GetObjectW
GetDeviceCaps
TextOutW
GetTextExtentPoint32W
CreatePen
CreateFontW
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateRectRgn

comdlg32

GetSaveFileNameW
GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegSetValueExW
RegCloseKey
RegDeleteKeyW
OpenProcessToken
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

ShellExecuteExW
ShellExecuteW
SHGetFileInfoW
DragFinish
DragQueryFileW

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_Add
InitCommonControlsEx
ImageList_Destroy

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
CLSIDFromProgID

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysFreeString

psapi

EnumProcesses
GetModuleInformation
GetModuleFileNameExW
EnumProcessModules

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

P��u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0792fb9ff2d6f4264a20687220a93e9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

psapi

version

Sections

.text Size: 403KB - Virtual size: 403KB

.rdata Size: 130KB - Virtual size: 130KB

.data Size: 13KB - Virtual size: 29KB

.rsrc Size: 214KB - Virtual size: 213KB

P���u� Size: 16KB - Virtual size: 20KB

.text
Size: 403KB - Virtual size: 403KB

.rdata
Size: 130KB - Virtual size: 130KB

.data
Size: 13KB - Virtual size: 29KB

.rsrc
Size: 214KB - Virtual size: 213KB

P��u�
Size: 16KB - Virtual size: 20KB