General
Target
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.21406
Size
154KB
Sample
201228-67648v2rla
MD5
c15de5bd771cbdadc7870814debee5e6
SHA1
89dc5b908e99a6270864e2df0c72cc31fb7b05ff
SHA256
310966da92c632e2cb4b22c9efc1bcbffe71c54be89cdb4b2b2119611be25fd0
SHA512
299cac00651dfe3b73cc1554d8e8e23ff8286b17c95f46be6e59f10e4932cdcbc28790e2e8c00d43b002d8e7e251f0a9a4ce7f2cd84f186d6cdb81991f820556
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.21406.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.21406.exe
Resource
win10v20201028
Malware Config
Extracted
smokeloader
2020
http://vtdilet.com/upload/
http://netvxi.com/upload/
http://tinnys.monster/upload/
Targets
Target
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.21406
Score
10/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.