General
Target: 1c67e6f481396acd602afac36c7804b45b468c395c736df618baa18a80856db4
Size: 333KB
Sample: 220126-pwdl6achbr
MD5: a921b0b0208703a3817e047e0946982a
SHA1: 8289e33ec494c2576ae7f1bdb872dc4e3aae46e0
SHA256: 1c67e6f481396acd602afac36c7804b45b468c395c736df618baa18a80856db4
SHA512: 120ae2454947e0e99cf11d2c82c8fbb8923ea4c8b9d3acc5754ccf323b5447c1eeaf44f111da38e99bd3c503d05453565843b34eadd324d537779f014f7831c2
Static task: static1
Behavioral task: behavioral1
Sample: 1c67e6f481396acd602afac36c7804b45b468c395c736df618baa18a80856db4.exe
Resource: win10-en-20211208
Malware Config
Extracted
smokeloader
2020
Targets
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
Downloads MZ/PE file
Executes dropped EXE
Modifies Windows Firewall
Deletes itself
Accesses Microsoft Outlook profiles