smokeloader | cbf503576b78b2cf087fdfefdba71c408b48d12b87ba08673125227f794274fa

General

Target

cbf503576b78b2cf087fdfefdba71c408b48d12b87ba08673125227f794274fa
Size

26KB
MD5

01bf3ddd33fdeb2a6f2d2b9daedf57a5
SHA1

fe7f4a5431584d7488bbb33367a11a07f7e909f8
SHA256

cbf503576b78b2cf087fdfefdba71c408b48d12b87ba08673125227f794274fa
SHA512

223f6a2516ef265fc388901864170cb9c1c5fb6960671e8af2e23fbb7ec2b7cf10a671c65779eb5d14ae3dd793e68a8be8873d01c2f0fc4d88cbc2ba2e9c7ca6
SSDEEP

768:6BIDWXcJWpW2n2NttnoKiKL39Y8PwXhKw7T3bVU4M:z6X9NnAoE2FXfT3CV

Score

10^/10

smokeloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/89a0227ef833a2742f7dd46be36e61b178a8b47846fd3cf557c8b9991b7cfb67

cbf503576b78b2cf087fdfefdba71c408b48d12b87ba08673125227f794274fa
.zip

Password: infected
89a0227ef833a2742f7dd46be36e61b178a8b47846fd3cf557c8b9991b7cfb67
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE