General
-
Target
6d3030a33f98a414cc2c127e177a90a94fbc5905768c3c5b3c691c01483377ce
-
Size
317KB
-
Sample
220125-jylgwsbgdr
-
MD5
e2dccb8a0f38a2f3696e90a90b9eba07
-
SHA1
bce17a8ae6de47772125afce2cd89dfe5d61ed20
-
SHA256
6d3030a33f98a414cc2c127e177a90a94fbc5905768c3c5b3c691c01483377ce
-
SHA512
a3c61bb35cc03393a84959f4ae775d414e527f5c499f819241ac876ad5f82fa033d0a89d1039f19670a8d39429f9c33340e996d4a894d16eabc71cfb83b6d066
Static task
static1
Behavioral task
behavioral1
Sample
6d3030a33f98a414cc2c127e177a90a94fbc5905768c3c5b3c691c01483377ce.exe
Resource
win10-en-20211208
Malware Config
Extracted
smokeloader
2020
Targets
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-