General
Target: 2db6eddaba052c4465b65b8b13528a408ab23e29d040dad7f7b3ca269e7e0044
Size: 162KB
Sample: 220622-rejg7abac3
MD5: 1f47d3333db683693309278df5835663
SHA1: c491e6f5f86ed44a631d2a84d4ac68d8540b97a8
SHA256: 2db6eddaba052c4465b65b8b13528a408ab23e29d040dad7f7b3ca269e7e0044
SHA512: 57dfafdea46ad02d1a23cc1141faf6a020c7ad3ec63459fc11051f940b9a837b3318b06e97b8dbeea5b6590df8d6448a1694ddbe15c5b5abcc07d94d44ecfbad
Static task: static1
Behavioral task: behavioral1
Sample: 2db6eddaba052c4465b65b8b13528a408ab23e29d040dad7f7b3ca269e7e0044.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 2db6eddaba052c4465b65b8b13528a408ab23e29d040dad7f7b3ca269e7e0044.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://proxy-exe.bit/2/
http://kiyanka.club/2/
http://d3s1.me/2/
Targets
Target: 2db6eddaba052c4465b65b8b13528a408ab23e29d040dad7f7b3ca269e7e0044
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext