2025-04-07_a6d768091afd771a71020aa43e0a0d26_amadey_smoke-loader_wapomi

Sharing

Copy URL

Twitter E-mail

General

Target

2025-04-07_a6d768091afd771a71020aa43e0a0d26_amadey_smoke-loader_wapomi
Size

474KB
MD5

a6d768091afd771a71020aa43e0a0d26
SHA1

68fa5c6e4abc73ed28c4c088b066da78b3cc7289
SHA256

3c9448445b0384a54ad64ff5b47b8529f1b930a22c23cb0d14e73ccd5c17b114
SHA512

2c9872513ec855fe4ec88e218b7913893dde9428e7d5ce0814963b4da822bab0cbf1152cd24f9597bb9f074dfb4ed3f7c112045a415d63c200e48fd3e05ea552
SSDEEP

12288:N0QsSmAKgxCk5IPYOVhJUInmB0kwKyI6t2CtOjpcoPa:N0CyjJUIw0kwK5hjpco

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-04-07_a6d768091afd771a71020aa43e0a0d26_amadey_smoke-loader_wapomi

Files

2025-04-07_a6d768091afd771a71020aa43e0a0d26_amadey_smoke-loader_wapomi
.exe windows:5 windows x86 arch:x86

13f803d90a1a8166ecfc4197841a663f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
SetUnhandledExceptionFilter
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
SizeofResource
LeaveCriticalSection
lstrlenW
SetLastError
EnterCriticalSection
lstrcmpiW
DeleteCriticalSection
GetCurrentThreadId
GetVersion
CreateFileW
SetFilePointer
SetEndOfFile
ReadFile
FindFirstFileW
GetFileAttributesW
FindClose
FindNextFileW
WriteFile
CopyFileW
ReadProcessMemory
GetFileSizeEx
VirtualProtectEx
WideCharToMultiByte
GetVersionExW
GetSystemInfo
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetCurrentProcess
GetCurrentProcessId
GetTickCount
FreeLibrary
GetCommandLineW
GetEnvironmentStringsW
FindResourceW
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
GetModuleFileNameA
GetStdHandle
HeapReAlloc
HeapCreate
ExitProcess
HeapSize
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
FlushFileBuffers
CreateFileA
GlobalFree
RaiseException
FlushInstructionCache
SetStdHandle
GlobalUnlock
MulDiv
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
QueryDosDeviceW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetModuleFileNameW
GetPrivateProfileStringW
GetModuleHandleA
LoadLibraryA
GetLastError
lstrlenA
MultiByteToWideChar
CreateFileMappingW
MapViewOfFile
ResumeThread
WriteProcessMemory
CloseHandle
GetExitCodeThread
VirtualAllocEx
SetThreadPriority
LoadLibraryW
VirtualFreeEx
CreateRemoteThread
FreeEnvironmentStringsW
WaitForSingleObject
GlobalAlloc
QueryPerformanceCounter
GlobalLock
GetProcAddress
VirtualQueryEx
GetModuleHandleW
GetSystemTimeAsFileTime
UnmapViewOfFile

user32

GetMenu
IsDialogMessageW
LoadIconW
InflateRect
SetCapture
PostQuitMessage
LoadAcceleratorsW
DialogBoxParamW
GetKeyState
DragDetect
IntersectRect
ReleaseDC
EnableMenuItem
GetSysColor
ScreenToClient
TranslateAcceleratorW
GetWindowTextLengthW
SetDlgItemTextW
CreatePopupMenu
GetActiveWindow
AdjustWindowRectEx
ReleaseCapture
EnableWindow
GetMessagePos
DestroyAcceleratorTable
GetMessageW
CharNextW
TranslateMessage
PeekMessageW
CreateDialogParamW
DispatchMessageW
UpdateWindow
LoadImageW
GetDC
GetDesktopWindow
DestroyIcon
SetFocus
ClientToScreen
CloseClipboard
MonitorFromPoint
TrackPopupMenu
GetSubMenu
IsClipboardFormatAvailable
MessageBeep
InvalidateRect
LoadMenuW
GetClipboardData
GetWindowTextW
EmptyClipboard
SetWindowLongW
RedrawWindow
ShowWindow
IsWindow
OpenClipboard
MessageBoxW
IsWindowVisible
SetClipboardData
DestroyMenu
GetDlgCtrlID
CallWindowProcW
DefWindowProcW
DestroyWindow
GetWindowRect
GetParent
GetClientRect
GetWindowLongW
MonitorFromWindow
GetDlgItem
EndDialog
SetWindowPos
CreateWindowExW
SendMessageW
MapWindowPoints
SetWindowTextW
GetMonitorInfoW
GetWindow
AppendMenuW
UnregisterClassA

gdi32

CreateBitmap
SelectObject
SelectClipRgn
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
CreatePatternBrush
GetClipBox
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetObjectW
PatBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteValueW

shell32

ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

PathRemoveFileSpecW
PathAppendW

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Create

psapi

GetModuleFileNameExW
GetMappedFileNameW
EnumProcessModules
GetProcessImageFileNameW

imagehlp

CheckSumMappedFile

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�� uP
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

13f803d90a1a8166ecfc4197841a663f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

psapi

imagehlp

Sections

.text Size: 301KB - Virtual size: 300KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 36KB - Virtual size: 94KB

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 20KB - Virtual size: 20KB

��� �uP Size: 16KB - Virtual size: 20KB

.text
Size: 301KB - Virtual size: 300KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 36KB - Virtual size: 94KB

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 20KB - Virtual size: 20KB

�� uP
Size: 16KB - Virtual size: 20KB