Behavioral task
behavioral1
Sample
a650a52eb98a8c0a1ebe1f3bb81aa82a.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
a650a52eb98a8c0a1ebe1f3bb81aa82a.exe
Resource
win10v2004-20230703-en
General
-
Target
a650a52eb98a8c0a1ebe1f3bb81aa82a.exe
-
Size
39KB
-
MD5
a650a52eb98a8c0a1ebe1f3bb81aa82a
-
SHA1
9f4342476a88672257e4b16d465bee645e799bf5
-
SHA256
f38768ee7b36fc3933c780cca8dc326db590c4adc532c1cbb5d0ab46aebf6be9
-
SHA512
296f946cc2906259d84d1198f4afdf5dcb49d3e6eed60b38dab3dbb6e7490c00233de85ec67934b9258d2f14ca976f37833b046628135771d78815d35f05ec4e
-
SSDEEP
384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW
Malware Config
Signatures
-
Smokeloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a650a52eb98a8c0a1ebe1f3bb81aa82a.exe
Files
-
a650a52eb98a8c0a1ebe1f3bb81aa82a.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE