Behavioral task: behavioral1
Sample: 7FA0FC4B901FF3BB9002F33B4A7F0A01AEF10F36C8304.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 7FA0FC4B901FF3BB9002F33B4A7F0A01AEF10F36C8304.exe
Resource: win10v2004-20220901-en
General
Target: 7FA0FC4B901FF3BB9002F33B4A7F0A01AEF10F36C8304.exe
Size: 30KB
MD5: 0d7eb2137c2d696071df27cc6a601a5a
SHA1: f3e487886630e0729fb4b4967cd11c2ee0daa989
SHA256: 7fa0fc4b901ff3bb9002f33b4a7f0a01aef10f36c8304d26cdbf0934a9fd816f
SHA512: 1b6f45cd581d3cd8292d8b97b840473eddb5239ce07037a8d34cf1530dc6c35613591e1d06f56453b50060d0df8d6066cc675a8cde3018220547597515e8f662
SSDEEP: 768:8t6+ztmVfbHmHS8/ckpKd75wiqjUKPO6AAb3vM8pYwA:2ztmJbHmHT/zKdVwigUAAK3qw
Malware Config
Signatures
Detects Smokeloader packer (1 IoCs)
Processes:
resource: sample, yara_rule: family_smokeloader
Smokeloader family
Files
7FA0FC4B901FF3BB9002F33B4A7F0A01AEF10F36C8304.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE