Online Virus Checker | v.1.0.141.174 |
DB Version: | 2023-10-05 12:02:37 |
SmokeLoader primarily serves as a malware delivery mechanism, dropping other, more destructive malware onto infected machines. Its stealthy infiltration methods and complex obfuscation techniques make it challenging to detect. What sets SmokeLoader apart is its extensibility through plugins. Cybercriminals can add malicious info-stealing functions to the loader, making it a versatile tool for data theft and system compromise.
File | file |
Checked | 2023-10-05 09:24:51 |
MD5 | 6c7c496c1017c9435717f711bf5b8af3 |
SHA1 | f19a0b3803266c080bf7fcfad9fefab75ad7ef32 |
SHA256 | cc58ad1f7a097f077f06b78e21c1f5a01007cd98613b602bb22b95751920ba80 |
SHA512 | 278e66e318b9e4cf279d364be5bd1279af5b3e0f978c18d95e90fa48aa9e1cd5085cf1174c05afd99e66ac38f6ac94482316c5e7548c5425a4577145425e7c78 |
Imphash | 7bf0c3cbf0d3960e40b75bc830477f17 |
File Size | 223744 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win32.SmokeLoader.bot without requiring further user intervention.
FileDescription | Vangla |
LegalCopyright | Copyright (C) 2022, Fdfiugaf |
ProductsVersion | 0.24.58.86 |
ProductName | Hsfpkajdflgnj |
ProductionVersion | 13.37.45.45 |
Translation | 0x25b0 0x0ebc |
14f6166713def0fc6064333bc354c28f 804d4d15438c9607c11868bbdd7614e9 bce9f6f2e0c4ebf4 |
|
Image Base: | 0x00400000 |
Entry Point: | 0x00406b5c |
Compilation: | 2022-09-09 09:09:13 |
Checksum: | 0x000386d5 (Actual: 0x000386d5) |
OS Version: | 5.0 |
PDB Path: | C:\doreviri puyimonixowi\98\pifumafu tibibujo_xijubi\zazuyuz.pdb |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 4 |
Imports: | KERNEL32, USER32, |
Exports: | 0 |
Resources: | 15 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00029886 | 0x00029a00 | 5a2f53b0635313bae0ef4d1548fa51c6 | 7.54 |
.data | 0x0002b000 | 0x001762bc | 0x00001e00 | 38cc672bcf693826ab2bf9b81ab4b2e4 | 2.56 |
.rsrc | 0x001a2000 | 0x00008350 | 0x00008400 | e61ef062582563c64e0003ca9f4a3688 | 4.91 |
.reloc | 0x001ab000 | 0x000029a4 | 0x00002a00 | cd17606b14b253eaebce9675bcb87409 | 2.82 |