General
-
Target
3524f3e7e62a4e65660036ce458e9e7250d59e451064829e926a8d1921adfb6b
-
Size
180KB
-
Sample
220619-xcyrzsbcg8
-
MD5
17d0624e2112f2b45bf64ee26961d26b
-
SHA1
602c70f7d076af2c296e92cad90f75e99cb7fd58
-
SHA256
3524f3e7e62a4e65660036ce458e9e7250d59e451064829e926a8d1921adfb6b
-
SHA512
52c55cb76101b0ccc1098c659a48d03a7cc6a977f289cff93de6ae2172b918852688fcbb445364747d307d1fcb424f26a0ae84e053541bd7e4a78f0002f7a54c
Static task
static1
Behavioral task
behavioral1
Sample
3524f3e7e62a4e65660036ce458e9e7250d59e451064829e926a8d1921adfb6b.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3524f3e7e62a4e65660036ce458e9e7250d59e451064829e926a8d1921adfb6b.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://sndk22ookk.us/2/
Targets
-
-
Target
3524f3e7e62a4e65660036ce458e9e7250d59e451064829e926a8d1921adfb6b
-
Size
180KB
-
MD5
17d0624e2112f2b45bf64ee26961d26b
-
SHA1
602c70f7d076af2c296e92cad90f75e99cb7fd58
-
SHA256
3524f3e7e62a4e65660036ce458e9e7250d59e451064829e926a8d1921adfb6b
-
SHA512
52c55cb76101b0ccc1098c659a48d03a7cc6a977f289cff93de6ae2172b918852688fcbb445364747d307d1fcb424f26a0ae84e053541bd7e4a78f0002f7a54c
Score10/10-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-