2025-04-07_b852fe398fddb666165a848cf8898f5d_amadey_black-basta_luca-stealer_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2025-04-07_b852fe398fddb666165a848cf8898f5d_amadey_black-basta_luca-stealer_smoke-loader_wapomi
Size

10.7MB
MD5

b852fe398fddb666165a848cf8898f5d
SHA1

7cff4d36a55672a80141bd55fabd8d445007c1c4
SHA256

2e43735e936ea8fcc3f39c75cd4250090b08e3e34de3ba110c25f9ba369f4c93
SHA512

d8af49ad7b52b67fc90a8c50ea6ebfd4c9fca4f8a1237fd85e97d2c4a7fcb2b91ee195eab9200ec740b69dcfc8b85a3a1e73be77bd219da1a157169e5724f6da
SSDEEP

196608:kLzsxWM84bJNl21pe4QJuLftS37vGak7jdaOfC:GQwM/bJNAKRYL1S3TG1aO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-04-07_b852fe398fddb666165a848cf8898f5d_amadey_black-basta_luca-stealer_smoke-loader_wapomi

Files

2025-04-07_b852fe398fddb666165a848cf8898f5d_amadey_black-basta_luca-stealer_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

e63f599601ee91612d5bad820baf3799

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\EricsWork\Login_815_1705102501\20210128\Login_815_1705102501_202402\login\Debug\LinLauncher.pdb

Imports

advapi32

MD5Init
MD5Update
MD5Final
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

comctl32

_TrackMouseEvent
ord17

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetCloseHandle

user32

HideCaret
GetCaretBlinkTime
CreateCaret
SetForegroundWindow
TrackPopupMenu
CreatePopupMenu
SetRect
DrawTextW
CharPrevW
GetGUIThreadInfo
FillRect
ClientToScreen
InvalidateRgn
CreateAcceleratorTableW
MoveWindow
IsZoomed
GetMonitorInfoW
MonitorFromWindow
LoadImageW
AdjustWindowRectEx
GetPropW
SetPropW
ShowCaret
GetSystemMetrics
EnableWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetParent
PtInRect
IsRectEmpty
IntersectRect
MapWindowPoints
GetCursorPos
InvalidateRect
GetUpdateRect
GetCaretPos
ShowWindow
IsIconic
DialogBoxParamW
EndDialog
GetSystemMenu
wsprintfW
PostQuitMessage
GetMenu
SetCaretPos
GetSysColor
SetWindowTextW
EndPaint
BeginPaint
ReleaseDC
GetDC
KillTimer
AppendMenuW
SetWindowRgn
GetClientRect
GetWindowRect
MessageBoxW
ScreenToClient
GetWindowLongW
SetWindowLongW
FindWindowA
GetWindowThreadProcessId
wsprintfA
GetWindowTextW
GetWindowTextLengthW
GetDesktopWindow
GetWindow
wvsprintfW
SetCursor
InflateRect
UnionRect
OffsetRect
LoadCursorW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
UnregisterClassW
PostMessageW
IsWindow
CreateWindowExW
DestroyWindow
SetWindowPos
IsWindowVisible
CharNextW
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer

shell32

ShellExecuteW

gdi32

CreateDIBSection
SetTextColor
MoveToEx
TextOutW
CreatePatternBrush
GdiFlush
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
RoundRect
LineTo
GetTextExtentPoint32W
GetObjectType
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
GetDeviceCaps
GetObjectA
SetWindowOrgEx
GetObjectW
GetTextMetricsW
SelectObject
SaveDC
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateRoundRectRgn

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

kernel32

ResetEvent
SetEvent
WaitForSingleObjectEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
IsProcessorFeaturePresent
InitializeSListHead
GlobalLock
GlobalUnlock
GlobalAlloc
GetLocalTime
SystemTimeToFileTime
WriteFile
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
IsDebuggerPresent
OutputDebugStringW
ReadFile
GetFileSize
CreateFileW
SetCurrentDirectoryW
GetACP
IsBadStringPtrW
IsBadStringPtrA
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
EncodePointer
LeaveCriticalSection
EnterCriticalSection
FormatMessageW
Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
FindResourceExW
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
WideCharToMultiByte
GetStartupInfoW
VirtualQuery
FreeLibrary
RtlUnwind
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
GetStdHandle
GetFileType
GetModuleFileNameA
GetModuleHandleExW
WriteConsoleW
GetCommandLineA
HeapValidate
GetSystemInfo
OutputDebugStringA
SetConsoleCtrlHandler
GetCurrentThread
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
HeapQueryInformation
GetTimeZoneInformation
ReadConsoleW
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
MulDiv
GetVersionExW
MoveFileExW
CopyFileW
DeleteFileW
GetFileAttributesW
DecodePointer
FreeResource
LockResource
GetProcAddress
VirtualAllocEx
VirtualFreeEx
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
OpenProcess
GetCurrentProcess
ExitProcess
TerminateProcess
RaiseException
CreateThread
CreateRemoteThread
GetLastError
SetLastError
WriteProcessMemory
GetThreadContext
SetThreadContext
ResumeThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
Sleep
LoadResource
SizeofResource
CloseHandle
GetTickCount
lstrcpyA
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
GetCommandLineW
FindResourceW
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetTempPathW
GetCurrentDirectoryA
GetCurrentDirectoryW
CreateDirectoryW
SetFileAttributesW
SetEndOfFile

ole32

CreateStreamOnHGlobal
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

wvnsprintfW

psapi

GetModuleBaseNameW
EnumProcessModules

imm32

ImmGetContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext

gdiplus

GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipGraphicsClear
GdipDrawImage
GdipDrawImageRectI
GdipDeleteFontFamily
GdipGetFamily
GdipCreatePen2
GdipDeletePen
GdipSetPenStartCap
GdipSetPenEndCap
GdipDrawLine
GdipFillRectangleI
GdipDrawImageI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipGetImageWidth
GdipGetImageHeight
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRect
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdipSetStringFormatLineAlign
GdipSetCompositingQuality
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipCreateFontFromLogfontA
GdipSetTextRenderingHint
GdipCreateSolidFill
GdipFillRegion
GdipSetPageUnit
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetPathGradientFocusScales
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipDeleteBrush
GdipCloneBrush
GdipCombineRegionRegion
GdipDeleteRegion
GdipCreateRegionPath
GdipCreateRegionRect
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipGetImageGraphicsContext
GdipCreateLineBrushI
GdipSetSolidFillColor
GdipGetImageEncoders
GdipSetStringFormatAlign
GdipGetImageEncodersSize
GdipCreateFontFromDC
GdipDeleteFont

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

@$^�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e63f599601ee91612d5bad820baf3799

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

comctl32

wininet

user32

shell32

gdi32

oleaut32

kernel32

ole32

shlwapi

psapi

imm32

gdiplus

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 431KB - Virtual size: 431KB

.data Size: 29KB - Virtual size: 61KB

.idata Size: 13KB - Virtual size: 13KB

.gfids Size: 3KB - Virtual size: 3KB

.tls Size: 1024B - Virtual size: 794B

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 7.9MB - Virtual size: 7.9MB

.reloc Size: 99KB - Virtual size: 99KB

@$^�u� Size: 16KB - Virtual size: 20KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 431KB - Virtual size: 431KB

.data
Size: 29KB - Virtual size: 61KB

.idata
Size: 13KB - Virtual size: 13KB

.gfids
Size: 3KB - Virtual size: 3KB

.tls
Size: 1024B - Virtual size: 794B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 7.9MB - Virtual size: 7.9MB

.reloc
Size: 99KB - Virtual size: 99KB

@$^�u�
Size: 16KB - Virtual size: 20KB