General
-
Target
a91b47dd04b0e0239d087f40e153971719cb9b386d73cc80c6b2feaa368bf101
-
Size
356KB
-
Sample
220126-zgk3ssabcn
-
MD5
594a5d0869620855f89487ba04420a6e
-
SHA1
0694e7e225cae7c8039e1feb20fe1784acd52061
-
SHA256
a91b47dd04b0e0239d087f40e153971719cb9b386d73cc80c6b2feaa368bf101
-
SHA512
2f7715a4bd64d8f45eb5e47b6edff1f6f6fa403659badbfd08528a6a95d4e7f152412e084de7fd5ba8ada2da22a2539c9cc6e23e6e620b3748b5beef11d0f5dc
Static task
static1
Behavioral task
behavioral1
Sample
a91b47dd04b0e0239d087f40e153971719cb9b386d73cc80c6b2feaa368bf101.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
smokeloader
2020
https://oakland-studio.video/search.php
https://seattle-university.video/search.php
Targets
-
Target
a91b47dd04b0e0239d087f40e153971719cb9b386d73cc80c6b2feaa368bf101
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Sets service image path in registry
-