General
-
Target
32e59da764725e6adbc7a2f84689e8404bd91edd9a5e5950550e002e45f69801
-
Size
210KB
-
Sample
220620-e73qbaefap
-
MD5
90168486e14502fd04ce3df2c4bacd17
-
SHA1
82f51f53c6832b0c535aaf2fa57478856453fdc2
-
SHA256
32e59da764725e6adbc7a2f84689e8404bd91edd9a5e5950550e002e45f69801
-
SHA512
5e8d7b0fbece683ebad61b31991d140c49e06874f00c53cbc95705c7c96c36005c4900822f3d014f6d7e92c88997df93c09f5b4507d2ff1e4d52a9f1dfe351d1
Static task
static1
Behavioral task
behavioral1
Sample
32e59da764725e6adbc7a2f84689e8404bd91edd9a5e5950550e002e45f69801.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
32e59da764725e6adbc7a2f84689e8404bd91edd9a5e5950550e002e45f69801.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://lufdx2.com/2/
http://gvs1.in/2/
http://jdcbhs.ru/2/
http://m21ch.com/2/
http://gdlvw1.com/2/
Targets
-
-
Target
32e59da764725e6adbc7a2f84689e8404bd91edd9a5e5950550e002e45f69801
-
Score
10/10
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-