General
-
Target
34ad8276994a33159a930e071d3b8c6d
-
Size
218KB
-
Sample
220620-vl6svahhd3
-
MD5
34ad8276994a33159a930e071d3b8c6d
-
SHA1
f800ecc2df2b2c9a77c5c316685d5521b856c14b
-
SHA256
29c05aa1ff99bec33ca06115404a2dbe2d6123ea16080e675a6cdf03838f71b3
-
SHA512
314120bf415df4a64aadd59ca00b08c25f957af4ef1d68893859863dbfc05e0f44697113fcfe7f52a7a149da728a260f16601f29bfbf6d2becc2f3a8dc8a80e5
Static task
static1
Behavioral task
behavioral1
Sample
34ad8276994a33159a930e071d3b8c6d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
34ad8276994a33159a930e071d3b8c6d.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://lufdx2.com/2/
http://gvs1.in/2/
http://jdcbhs.ru/2/
http://m21ch.com/2/
http://gdlvw1.com/2/
Targets
-
-
Target
34ad8276994a33159a930e071d3b8c6d
-
Size
218KB
-
MD5
34ad8276994a33159a930e071d3b8c6d
-
SHA1
f800ecc2df2b2c9a77c5c316685d5521b856c14b
-
SHA256
29c05aa1ff99bec33ca06115404a2dbe2d6123ea16080e675a6cdf03838f71b3
-
SHA512
314120bf415df4a64aadd59ca00b08c25f957af4ef1d68893859863dbfc05e0f44697113fcfe7f52a7a149da728a260f16601f29bfbf6d2becc2f3a8dc8a80e5
Score10/10-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-