General
Target: 155e1cd7621bc1e43f2e503a10b77fc819cffefdfa650a0c5f07f5795e7d9534
Size: 244KB
Sample: 220609-h8wj6sadfj
MD5: 16354c4882683938fd63cdde2ba89b6a
SHA1: 57146cb9071e9fd804c694511a2c4fbede86a29f
SHA256: 155e1cd7621bc1e43f2e503a10b77fc819cffefdfa650a0c5f07f5795e7d9534
SHA512: e2384c1288ded13580697f617565a8a1253e584c2729f6ba158aa7c9b54185356833d2ece0ef722036785b6e156038df3ec5cb7c7b415da8f90fdfcea6c52ab6
Static task: static1
Behavioral task: behavioral1
Sample: 155e1cd7621bc1e43f2e503a10b77fc819cffefdfa650a0c5f07f5795e7d9534.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 155e1cd7621bc1e43f2e503a10b77fc819cffefdfa650a0c5f07f5795e7d9534.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://snd50ck.se/bn/
Targets
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext