General
Target: TT-2021ME04LO15.doc
Size: 1.4MB
Sample: 210415-zsrxvvkn2n
MD5: ebf1f2545f4d56934b70ee736283a82a
SHA1: 0015da9c77c451f9bcae368b40310173b40833fd
SHA256: 4a3edbea57e335f6b08ad17812f1c4746d4b6741546f1c497a3b809774f81d1d
SHA512: e36b6ef2273e0effe7aac818b11e49ceaadce554bf8b3f2407c12eddbad720c1a3bb5c00567fdd2492d674e3035cc8d50e1d30787f9b452a6bfc3977c46c2f2d
Static task: static1
Behavioral task: behavioral1
  Sample: TT-2021ME04LO15.doc
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: TT-2021ME04LO15.doc
  Resource: win10v20210410
Malware Config
Extracted
https://u.teknik.io/9AudS.jpg
Extracted
smokeloader
2018
http://melonco.com/0/
Targets
Target: TT-2021ME04LO15.doc
Score: 10/10
Blocklisted process makes network request
Executes dropped EXE
Loads dropped DLL
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
Drops file in System32 directory