General
-
Target
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.8474
-
Size
154KB
-
Sample
201228-9mmdqn7pcx
-
MD5
49e96bc64fd03e66168d7803136a7fea
-
SHA1
2acca9801718feacd8540987838c44c0fb874ed0
-
SHA256
1fb4559d186a1c07bc4de4617e3a7373b6e76e11135b212e7771bc8518c902ae
-
SHA512
ae4b1414824c57caf435b348f233cd54f9337292b4e730a4368ca02a00ee6ef3626ce887f3b8baec2be7bf3742c920cfe95803143443a7337a9b7596ede5228f
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.8474.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.8474.exe
Resource
win10v20201028
Malware Config
Extracted
smokeloader
2020
http://vtdilet.com/upload/
http://netvxi.com/upload/
http://tinnys.monster/upload/
Targets
-
-
Target
SecuriteInfo.com.BehavesLike.Win32.Trojan.cc.8474
-
Size
154KB
-
MD5
49e96bc64fd03e66168d7803136a7fea
-
SHA1
2acca9801718feacd8540987838c44c0fb874ed0
-
SHA256
1fb4559d186a1c07bc4de4617e3a7373b6e76e11135b212e7771bc8518c902ae
-
SHA512
ae4b1414824c57caf435b348f233cd54f9337292b4e730a4368ca02a00ee6ef3626ce887f3b8baec2be7bf3742c920cfe95803143443a7337a9b7596ede5228f
Score10/10-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-