Behavioral task
behavioral1
Sample
0x0006000000015ca2-116.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
0x0006000000015ca2-116.exe
Resource
win10v2004-20230703-en
General
-
Target
0x0006000000015ca2-116.dat
-
Size
40KB
-
MD5
2ab20eb0313e298ed42d166bdd1cd2f4
-
SHA1
d4043880ee3d838eb8e9350698c6bc5a9881d28d
-
SHA256
55b086f0129153e990f03a8634f48239e6227fb96f4bbe0b9f95acf6f69350a6
-
SHA512
313464105b2ce664b900f130311b4eceb52d8036e486d68bc421ca82de8708f2716467471a93bb4d725a74bb80ed421746d236f05b676449ef4c1c2a2a36a51c
-
SSDEEP
384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW
Malware Config
Signatures
-
Smokeloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0x0006000000015ca2-116.dat
Files
-
0x0006000000015ca2-116.dat.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE