Behavioral task
behavioral1
Sample
bf0cbdb53bbd724bb231f0b6958edfc4.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
bf0cbdb53bbd724bb231f0b6958edfc4.exe
Resource
win10v2004-20231215-en
General
-
Target
bf0cbdb53bbd724bb231f0b6958edfc4.exe
-
Size
38KB
-
MD5
bf0cbdb53bbd724bb231f0b6958edfc4
-
SHA1
d825f3d47987356477f6a1d916a0e34cb581ecc5
-
SHA256
41d04caed8474ba34136c1e831cd345086a4fd4259557ec16f9c4cc99fb603cb
-
SHA512
5073f5f04c954de70247254e1983939c330fa95f11e1d36f615f52a9649e77f8ffa93269ba19b7a734f4528ad5907b3e960414a54ee442dd1e1a70365af1358e
-
SSDEEP
768:3E45SLnQpEhOB/hAGflc5xOXhr7gvexzv36:3E4EqEhOPNfqStgvexzv3
Malware Config
Signatures
-
Smokeloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource bf0cbdb53bbd724bb231f0b6958edfc4.exe
Files
-
bf0cbdb53bbd724bb231f0b6958edfc4.exe.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE