General
-
Target
f0dc732a1e1f8d6e554ab36653632de8723d43a4da505c388609f5ed63816543
-
Size
317KB
-
Sample
220125-2w3mhaggem
-
MD5
9d2468099aa2f693642790f0312f5fb1
-
SHA1
ea24e81a4314eae7abe8de96aa03844691fe1e35
-
SHA256
f0dc732a1e1f8d6e554ab36653632de8723d43a4da505c388609f5ed63816543
-
SHA512
0dc4177039b797caab26a23b225a6fba1962d2302f603e7c2fa2ebea2b4f5bf9bd7e4c79af890409f5ffdfcb5e9867f0a100c5104a561502c02da9530a693432
Static task
static1
Behavioral task
behavioral1
Sample
f0dc732a1e1f8d6e554ab36653632de8723d43a4da505c388609f5ed63816543.exe
Resource
win10-en-20211208
Malware Config
Extracted
smokeloader
2020
Targets
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-