smokeloader | 0x000600000001ac45-52[.]dat | Triage

Sharing

General

Target

0x000600000001ac45-52.dat
Size

38KB
MD5

cb357a30e6e1350f4da4cbd44499fbae
SHA1

ab0538e676f32fa42d9d01d494c155da7568256e
SHA256

f7239524fdc6dc33d49c5087a436da67a1c39ab2831d1711a98f8f9421f7c1b5
SHA512

72cb20d5c019cdc2ab72e5ea2c2a41e4aab0d44941b91f158b916ac8f0ff805c52983db2c15d3c5ac0e4507962b35c64034ca2ba9457b60e0daed32958b600e4
SSDEEP

768:f8FhylJE+hwr5hN7F0I0bQyvUgq65DQVi:f8qlJEQwrDNuIyvD5sV

Score

10^/10

smokeloader

Malware Config

Signatures

Smokeloader family
smokeloader
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

0x000600000001ac45-52.dat

Files

0x000600000001ac45-52.dat
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE