Behavioral task: behavioral1
Sample: b59e52b83b0a0cde0085b3ba306316a86a845a974cbeaf45da905476b6db53bb_dump.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: b59e52b83b0a0cde0085b3ba306316a86a845a974cbeaf45da905476b6db53bb_dump.exe
Resource: win10v2004-20240611-en
General
Target: b59e52b83b0a0cde0085b3ba306316a86a845a974cbeaf45da905476b6db53bb_dump.exe
Size: 40KB
MD5: b4aa2b5e8f460a5b2731d538f5f7a0a7
SHA1: 46084497cdde44312db2c86da72d0e932b4ac169
SHA256: 1ab2666172b3ad1123fafce0a407cf1b1cff9f32ef124d431bfa69e921219e38
SHA512: 87e678534d3beef2c65b85b9db5a5742b86439349c3ea9cb4dbd361b0c303ae17f6c7dc243257b39dc5bd3c443ba11f3d1f9e831b071fe07828898cf08a1655f
SSDEEP: 768:xLtE5GK+qS4tpITHhRx3kwfOX5VAEMiyQjEDlrSlV:fE5Grt48THhRhfOX7AtZDJS/
Malware Config
Signatures
Smokeloader family
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
Processes: resource b59e52b83b0a0cde0085b3ba306316a86a845a974cbeaf45da905476b6db53bb_dump.exe
Files
b59e52b83b0a0cde0085b3ba306316a86a845a974cbeaf45da905476b6db53bb_dump.exe.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE