General
Target: 6ca375ce8d7caafb814fb3455edfafd8.exe
Size: 154KB
Sample: 201228-jj55g5plzs
MD5: 6ca375ce8d7caafb814fb3455edfafd8
SHA1: 38dbc1e721dadcf695c4f2e0ec1c7c1a1dea31bf
SHA256: 0969327fda05101320538ec7c3df4ca3a024fdffc9ff58bcf5570a0960bd9df7
SHA512: adcf823d05bd0fa407a663fae3f4b0232acd7c41775f5ad3bd5d7570a609813da63f1522fe2497004d386a766de2c7e6f1d26f3177beb7a2d4da2a5a1d734de3
Static task: static1
Behavioral task: behavioral1
Sample: 6ca375ce8d7caafb814fb3455edfafd8.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 6ca375ce8d7caafb814fb3455edfafd8.exe
Resource: win10v20201028
Malware Config
Extracted
smokeloader
2020
http://vtdilet.com/upload/
http://netvxi.com/upload/
http://tinnys.monster/upload/
Targets
Score: 10/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.