Behavioral task
behavioral1
Sample
NEAS.70141cde965558529b1adc82862d402149f21443f12f0903a56d33a1cb205c62exe.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
NEAS.70141cde965558529b1adc82862d402149f21443f12f0903a56d33a1cb205c62exe.exe
Resource
win10v2004-20231020-en
General
-
Target
NEAS.70141cde965558529b1adc82862d402149f21443f12f0903a56d33a1cb205c62exe.exe
-
Size
51KB
-
MD5
205aff0dd6aa5a63fed783c93d607ac1
-
SHA1
23c877537603c32ecfef03fac4100747aa89115b
-
SHA256
70141cde965558529b1adc82862d402149f21443f12f0903a56d33a1cb205c62
-
SHA512
d8d2ba3dca3f27928326b5c413e097852628be5919223cb63999d15dd1d1a1985053f264e8d64f134c0d76c4f28f0fb22eff51c00d040aecba32bc98fd4a9627
-
SSDEEP
384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW
Malware Config
Signatures
-
Smokeloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.70141cde965558529b1adc82862d402149f21443f12f0903a56d33a1cb205c62exe.exe
Files
-
NEAS.70141cde965558529b1adc82862d402149f21443f12f0903a56d33a1cb205c62exe.exe.exe windows:1 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE