General
-
Target
a59dd96f5e3c76b0d576aceb012e6c3244044b36fcadda78fce6af0bbb4258df
-
Size
304KB
-
Sample
220521-yrj3tagddl
-
MD5
56162d3abe993e4836a2ec9185d7a0f4
-
SHA1
597a363d84b8d11b6edbfc8f451ec0fc51995666
-
SHA256
a59dd96f5e3c76b0d576aceb012e6c3244044b36fcadda78fce6af0bbb4258df
-
SHA512
9e00ab8b9bd634f9763b02cc62dec16bc0bee561bd78e18de126c01836d9f406e1f7a461d9fd18b8a03a795c022bc381abd761c8eefda2913fdce1609b0dd06f
Static task
static1
Behavioral task
behavioral1
Sample
a59dd96f5e3c76b0d576aceb012e6c3244044b36fcadda78fce6af0bbb4258df.exe
Resource
win10-20220414-en
Malware Config
Extracted
smokeloader
2020
https://ny-city-mall.com/search.php
https://fresh-cars.net/search.php
Targets
-
Target
a59dd96f5e3c76b0d576aceb012e6c3244044b36fcadda78fce6af0bbb4258df
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-