General
-
Target
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
Size
304KB
-
Sample
220521-tgbw8saae5
-
MD5
cfbe64a303fb6e0000c7859bfb13a1a2
-
SHA1
a6b85217a3bd9ef76f1235a9ab92384b96b7fede
-
SHA256
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
SHA512
c411656d43d9b709db77c153da224e2930d26200dc081082d0a4beb0be23b6e63c9e747ec3d650cd670f72c08d79ba40d49c9091344e305a01657916109284b1
Static task
static1
Behavioral task
behavioral1
Sample
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135.exe
Resource
win10-20220414-en
Malware Config
Extracted
smokeloader
2020
https://ny-city-mall.com/search.php
https://fresh-cars.net/search.php
Targets
-
-
Target
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
Size
304KB
-
MD5
cfbe64a303fb6e0000c7859bfb13a1a2
-
SHA1
a6b85217a3bd9ef76f1235a9ab92384b96b7fede
-
SHA256
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
SHA512
c411656d43d9b709db77c153da224e2930d26200dc081082d0a4beb0be23b6e63c9e747ec3d650cd670f72c08d79ba40d49c9091344e305a01657916109284b1
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-