General

  • Target

    4888-3-0x0000000000400000-0x000000000040B000-memory.dmp

  • Size

    44KB

  • MD5

    f5bb28ad1a70ddfad899e03e1064500c

  • SHA1

    0f9dde6bc572eb1467d2f80453360492dedd63be

  • SHA256

    6f009343009c4e1b5668bd398737e96463d55f55f848ca9fed2bcea4e6616dd0

  • SHA512

    335cdb87b0d6ea0dfd19452f16e15b3080835fce774a88f206c7b7594b699f9c077a9eae37373485715dd89e1672be885e4fa6b37a280034d7ad44e6f2c13c59

  • SSDEEP

    768:xLtE5GKwQI4tpITHhRx3kwfOX5VAEMiyQjEDlrSlV:fE5GVB48THhRhfOX7AtZDJS/

Score
10/10

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Signatures

  • Smokeloader family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4888-3-0x0000000000400000-0x000000000040B000-memory.dmp
    .exe windows:1 windows x86 arch:x86

