General
Target
252a4190eaecbc943096298f30f253abdb5c44a300be287f15f7df2b73aa582f
Size
136KB
Sample
220611-ypwc3aecgp
MD5
6edb03b17015511d88be4bd846edb15a
SHA1
010dc0f8d022df643c03736e207de5684fffcf32
SHA256
252a4190eaecbc943096298f30f253abdb5c44a300be287f15f7df2b73aa582f
SHA512
c851f60ce4476c313e690e28dc66b0ab3f0f127ef81b01f238ac7d11cf1244e6824735495e167c8f56c4986ec603b76cd1cd25b1093187d016d325714353c65b
Static task
static1
Behavioral task
behavioral1
Sample
252a4190eaecbc943096298f30f253abdb5c44a300be287f15f7df2b73aa582f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
252a4190eaecbc943096298f30f253abdb5c44a300be287f15f7df2b73aa582f.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://klub11n.se/kp/
Targets
Score
10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext