General
-
Target
1552dbdb5fcb0236dbc9897df14e98c6.exe
-
Size
136KB
-
Sample
201229-214lpy2lns
-
MD5
1552dbdb5fcb0236dbc9897df14e98c6
-
SHA1
c29986b9d0d1c05a721f08a3c259c62814ef8a34
-
SHA256
5dd71da9e576dc4b91f9b9ded0c0b7648604938fb83343063e44b99bc3eb23c6
-
SHA512
70fe2fa9000bc8aee8eaca6a1c39cf6131f747a72d3623c077f5b9f24b9354cf3f3431c21bdecc94d0b8962522865a380aa1737a854e61b18957e727da67e980
Static task
static1
Behavioral task
behavioral1
Sample
1552dbdb5fcb0236dbc9897df14e98c6.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
1552dbdb5fcb0236dbc9897df14e98c6.exe
Resource
win10v20201028
Malware Config
Extracted
smokeloader
2020
http://vtdilet.com/upload/
http://netvxi.com/upload/
http://tinnys.monster/upload/
Targets
-
-
Target
1552dbdb5fcb0236dbc9897df14e98c6.exe
-
Size
136KB
-
MD5
1552dbdb5fcb0236dbc9897df14e98c6
-
SHA1
c29986b9d0d1c05a721f08a3c259c62814ef8a34
-
SHA256
5dd71da9e576dc4b91f9b9ded0c0b7648604938fb83343063e44b99bc3eb23c6
-
SHA512
70fe2fa9000bc8aee8eaca6a1c39cf6131f747a72d3623c077f5b9f24b9354cf3f3431c21bdecc94d0b8962522865a380aa1737a854e61b18957e727da67e980
Score10/10-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
JavaScript code in executable
-