General
Target: 2021ME04LO14.doc
Size: 1.2MB
Sample: 210415-flgdl588qa
MD5: a7efdf6b05f75d87da78ebac5d8ec871
SHA1: 8e15570191d6a989809d77f5759d4196c5675f57
SHA256: 9266b7e06934a2c37355df644d5fb7cbc94d013059ce03e8beeeb961bb529720
SHA512: c973d523fed53fe50a25a46a5eba077db21cea853b955ddf6d5e8240bbc5ffea41322bdcd3f2c5ff9153edc2f437022e638ce4ce80dbfa84a01e3c6acb384f4e
Static task: static1
Behavioral task: behavioral1
Sample: 2021ME04LO14.doc
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 2021ME04LO14.doc
Resource: win10v20210410
Malware Config
Extracted
smokeloader
2018
http://melonco.com/0/
Targets
Score: 10/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.