Behavioral task
behavioral1
Sample
0x000600000001ac45-52.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
0x000600000001ac45-52.exe
Resource
win10v2004-20231127-en
General
-
Target
0x000600000001ac45-52.dat
-
Size
38KB
-
MD5
cb357a30e6e1350f4da4cbd44499fbae
-
SHA1
ab0538e676f32fa42d9d01d494c155da7568256e
-
SHA256
f7239524fdc6dc33d49c5087a436da67a1c39ab2831d1711a98f8f9421f7c1b5
-
SHA512
72cb20d5c019cdc2ab72e5ea2c2a41e4aab0d44941b91f158b916ac8f0ff805c52983db2c15d3c5ac0e4507962b35c64034ca2ba9457b60e0daed32958b600e4
-
SSDEEP
768:f8FhylJE+hwr5hN7F0I0bQyvUgq65DQVi:f8qlJEQwrDNuIyvD5sV
Malware Config
Signatures
-
Smokeloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 0x000600000001ac45-52.dat
Files
-
0x000600000001ac45-52.dat.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE