General
Target: 4283ca37bfb638cf5beb9579af09eb1d40f11cedb7f5690ab36bc97a7af5c74c
Size: 356KB
Sample: 220625-cw99xachd4
MD5: a3789a435139fbace70f534c17a6590a
SHA1: 8d75ed3179f4217736ee2b981e33d9e494e3c892
SHA256: 4283ca37bfb638cf5beb9579af09eb1d40f11cedb7f5690ab36bc97a7af5c74c
SHA512: b4355d5c4f8d84558fb2f0459017646028c81721b96f4e21c73e995ced692bef216d1a1ac0a48ac61c6303dba77ac09110b4d984997ea5e77b2c08478c0d03e1
Static task: static1
Behavioral task: behavioral1
Sample: 4283ca37bfb638cf5beb9579af09eb1d40f11cedb7f5690ab36bc97a7af5c74c.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 4283ca37bfb638cf5beb9579af09eb1d40f11cedb7f5690ab36bc97a7af5c74c.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://js0c892.se/wp/
Targets
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext