smokeloader | a66dbe6506867f6ab03251cb0b56456792a9bab4f1dcc6c33d08e1efb1b919a1

General

Target

a66dbe6506867f6ab03251cb0b56456792a9bab4f1dcc6c33d08e1efb1b919a1
Size

28KB
MD5

732f2b92c380c5cd4061d6bfc9712a0f
SHA1

ece7940bf490b9610bd4426e6399c5846fcfd033
SHA256

a66dbe6506867f6ab03251cb0b56456792a9bab4f1dcc6c33d08e1efb1b919a1
SHA512

4669357b9dc0f51c1c4877023bff27dc492d1e2ed2f8cc7da04e33e766fc312960fd3d023b5e07be5ba975dd792c78167cd943f19271d2a5aa5e55394c6fcccb
SSDEEP

768:3VMIpk80aX5wPHfQimm0q5ct8ava8dBgqffpjdxZ:SIHKmAevjhF

Score

10^/10

smokeloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/12d3dc8a4fd8a2ebe6a839cce59920156d55e8d06fe2a5c95ad60419086877bb.exe

a66dbe6506867f6ab03251cb0b56456792a9bab4f1dcc6c33d08e1efb1b919a1
.zip

Password: infected
12d3dc8a4fd8a2ebe6a839cce59920156d55e8d06fe2a5c95ad60419086877bb.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE