2025-03-30_95e00cd259bb2d6bd9b41301f2213f02_amadey_black-basta_luca-stealer_smoke-loader

Sharing

Copy URL

Twitter E-mail

General

Target

2025-03-30_95e00cd259bb2d6bd9b41301f2213f02_amadey_black-basta_luca-stealer_smoke-loader
Size

1.2MB
MD5

95e00cd259bb2d6bd9b41301f2213f02
SHA1

48bd7297400bed923804466bc992de58fca46471
SHA256

ec37825e87a41737d56163cbc788f6f22f80e4a58c5db1efd7d05499dbb6b86c
SHA512

6dfdc0e90a1f59fe227f0ac80a11dac09abb0a5b5e40db693bf4414b0e5c8135da576130fa399b8e1c69e783178e6cd57e8fb48dc201b6b4d3d458d472cef8dd
SSDEEP

24576:yujT/stP/5Vrn/3s3Fh4aSrBcB7jUXAO/RD00MiqnesZKhdB:yuUtPhVr/3s1h4j9cBVO/RQ0dqnK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-03-30_95e00cd259bb2d6bd9b41301f2213f02_amadey_black-basta_luca-stealer_smoke-loader

Files

2025-03-30_95e00cd259bb2d6bd9b41301f2213f02_amadey_black-basta_luca-stealer_smoke-loader
.exe windows:5 windows x86 arch:x86

694a698f121045c69de984009c64a0a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
GetFileSize
Sleep
CreateThread
ExitProcess
MultiByteToWideChar
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
lstrcmpiW
InitializeCriticalSection
GetProcAddress
FreeLibrary
FreeResource
InterlockedDecrement
GetTempPathW
InterlockedIncrement
CreateFileW
FindResourceExW
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetCurrentThreadId
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
SetEndOfFile
WriteConsoleW
GetFullPathNameW
FlushFileBuffers
SetStdHandle
DecodePointer
DeleteFileW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetConsoleCP
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
SetFilePointerEx
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
RtlUnwind
ExpandEnvironmentStringsW
PeekNamedPipe
GetStdHandle
HeapAlloc
HeapDestroy
LockResource
WaitForMultipleObjects
GetSystemDirectoryA
LoadLibraryA
SleepEx
QueryPerformanceCounter
GetStartupInfoW
SetUnhandledExceptionFilter
GetACP
GetTickCount
GetCurrentDirectoryW
MulDiv
OpenProcess
GetCurrentProcessId
GetCurrentProcess
GetFileType
WriteFile
SetFilePointer
SetFileTime
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryW
WideCharToMultiByte
GetModuleHandleA
GetLocalTime
GlobalAlloc
GlobalLock
GlobalUnlock
GetPrivateProfileIntW
GetPrivateProfileStringW
ReleaseMutex
CreateMutexW
FindFirstFileW
GetSystemDirectoryW
GetVolumeInformationW
FindClose
lstrcpyW
FindNextFileW
CopyFileW
MoveFileExW
GlobalFree
LocalAlloc
LocalFree
TerminateProcess
WaitForSingleObject
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLongPathNameW
DeviceIoControl
OutputDebugStringA
SetPriorityClass
GetVersionExW
GetSystemInfo
FormatMessageW
EncodePointer
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter

user32

PostQuitMessage
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
IsChild
DestroyWindow
GetWindow
MoveWindow
GetParent
IsWindowVisible
PostMessageW
IsZoomed
EnableWindow
GetSystemMetrics
SetWindowRgn
GetClientRect
GetWindowRect
ScreenToClient
CopyRect
OffsetRect
GetWindowLongW
SetWindowLongW
LoadCursorW
LoadImageW
MonitorFromWindow
DefWindowProcW
IsIconic
SendMessageW
SetWindowPos
ShowWindow
SetPropW
wvsprintfW
SetCursor
UnionRect
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetCursorPos
IntersectRect
IsRectEmpty
PtInRect
MonitorFromPoint
CharPrevW
DrawTextW
FillRect
SetRect
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
EqualRect
PrivateExtractIconsW
DestroyIcon
DrawIconEx
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
wsprintfW
RegisterClassW
MapWindowPoints
GetPropW
GetMonitorInfoW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
CharNextW

gdi32

GetObjectW
GetDeviceCaps
GetTextMetricsW
CreateCompatibleBitmap
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SelectObject
SaveDC
CreateRoundRectRgn
DeleteObject
RestoreDC
Rectangle
GetStockObject
GetObjectType
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
BitBlt
CombineRgn
GetObjectA
ExtTextOutW
TextOutW
MoveToEx
CreateDIBSection
SetTextColor
SetStretchBltMode

advapi32

RegQueryValueExW
RegOpenKeyW
RegEnumKeyW
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupAccountSidW
DuplicateTokenEx
RevertToSelf
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ImpersonateLoggedOnUser

ole32

CLSIDFromProgID
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
OleInitialize

oleaut32

SysFreeString
VarUI4FromStr
VariantClear
VariantInit
SysAllocString

shlwapi

PathFileExistsW
PathIsDirectoryW

iphlpapi

GetAdaptersInfo

gdiplus

GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateLineBrushI
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipDeleteFont
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdiplusShutdown
GdiplusStartup
GdipGetImageWidth

comctl32

_TrackMouseEvent
ord17

shell32

SHGetSpecialFolderPathW
ShellExecuteExW
SHGetFileInfoW
SHGetFolderPathW

ws2_32

accept
sendto
recvfrom
select
__WSAFDIsSet
htonl
WSASetLastError
setsockopt
ntohs
htons
ioctlsocket
getsockname
getpeername
connect
bind
send
recv
WSAGetLastError
socket
closesocket
WSACleanup
WSAStartup
listen
gethostname
getsockopt
inet_ntoa
gethostbyaddr
gethostbyname
getservbyport
inet_addr
getservbyname

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

694a698f121045c69de984009c64a0a1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

iphlpapi

gdiplus

comctl32

shell32

ws2_32

Sections

.text Size: 738KB - Virtual size: 737KB

.rdata Size: 169KB - Virtual size: 169KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 344KB - Virtual size: 344KB

.text
Size: 738KB - Virtual size: 737KB

.rdata
Size: 169KB - Virtual size: 169KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 344KB - Virtual size: 344KB