General
-
Target
2585865ffb0337f7203112b9e5fa974a87f1330bbc7cf39cde419e32c4278158
-
Size
536KB
-
Sample
220611-xglm8agdd2
-
MD5
7bba29efc7f06e9503744111cb007f32
-
SHA1
3f4b85a06a90992da1317c1eed35596ee164e0f7
-
SHA256
2585865ffb0337f7203112b9e5fa974a87f1330bbc7cf39cde419e32c4278158
-
SHA512
de34f149ed6118a9fb00b3509bea66d8f8995c1c307bc5591245365df70ff0ff8af4746eb358d06e892177133e45fb406c7fd95b3056d20a3128fb9c29379d03
Static task
static1
Behavioral task
behavioral1
Sample
2585865ffb0337f7203112b9e5fa974a87f1330bbc7cf39cde419e32c4278158.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2585865ffb0337f7203112b9e5fa974a87f1330bbc7cf39cde419e32c4278158.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://aviatorssm.bit/
http://anotherblock.bit/
Targets
-
-
Target
2585865ffb0337f7203112b9e5fa974a87f1330bbc7cf39cde419e32c4278158
-
Size
536KB
-
MD5
7bba29efc7f06e9503744111cb007f32
-
SHA1
3f4b85a06a90992da1317c1eed35596ee164e0f7
-
SHA256
2585865ffb0337f7203112b9e5fa974a87f1330bbc7cf39cde419e32c4278158
-
SHA512
de34f149ed6118a9fb00b3509bea66d8f8995c1c307bc5591245365df70ff0ff8af4746eb358d06e892177133e45fb406c7fd95b3056d20a3128fb9c29379d03
Score10/10-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-