General
Target
20dce650c10545ae85005b3fe159df250c4f1275edfe4439e2d5a2d0515029de
Size
132KB
Sample
220612-mf2b6sdcc4
MD5
d32834d4b087ead2e7a2817db67ba8ca
SHA1
3f7a606de775f001219918aea098b7da527580be
SHA256
20dce650c10545ae85005b3fe159df250c4f1275edfe4439e2d5a2d0515029de
SHA512
7dbf260b5246ae340890c0d3c5895edec7a668a4f4d2fe339e60499f2226cc53c44108fb07f076360fdc672982037d00e10b9d6df1e3123eb6dc79d3334760e7
Static task
static1
Behavioral task
behavioral1
Sample
20dce650c10545ae85005b3fe159df250c4f1275edfe4439e2d5a2d0515029de.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
20dce650c10545ae85005b3fe159df250c4f1275edfe4439e2d5a2d0515029de.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
https://experttools.ml/
https://experttools.stream/
Targets
Score
10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext