General
-
Target
4c83a0fb4a16ec894dfdd130326ac19639c02822e21cfe9bcac55f5799e473cf
-
Size
240KB
-
Sample
220127-lfdensaebl
-
MD5
e244b430a10e36a1edb485b18f4f3101
-
SHA1
28af9160889bcfed64edb46a5b3949a02bed287d
-
SHA256
4c83a0fb4a16ec894dfdd130326ac19639c02822e21cfe9bcac55f5799e473cf
-
SHA512
74a4a2e4bdab6e156f8b9bf49b049ba66588b734f82deb515c7a178a3d4bebde72d39b0d24cdba4a12b0d23585c92e378e2f3c078d802d49b49456450a9af0fe
Static task
static1
Behavioral task
behavioral1
Sample
4c83a0fb4a16ec894dfdd130326ac19639c02822e21cfe9bcac55f5799e473cf.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
smokeloader
2020
http://host-data-coin-11.com/
http://file-coin-host-12.com/
Targets
Target
4c83a0fb4a16ec894dfdd130326ac19639c02822e21cfe9bcac55f5799e473cf
Score
10/10
-
Executes dropped EXE
-
Sets service image path in registry
-
Suspicious use of SetThreadContext
-