General
Target: 45d98cc3717877368dfd239949a424619f702c1c6170528b619815a2f00a78c0
Size: 184KB
Sample: 220707-mpk2jsfdf4
MD5: ff120b666660d1159602b401d183bbc6
SHA1: c9e61809982b255c61e0240720c50979a0a8be8f
SHA256: 45d98cc3717877368dfd239949a424619f702c1c6170528b619815a2f00a78c0
SHA512: d2e95f076757d3af0215e5591569b61ec6c666b451ffba003b67fac9d5bb9f9c8551592f83b65c2901577ff3383467d0e1dd8fd1b1742ecbbf74ed5063df827c
Static task: static1
Behavioral task: behavioral1
Sample: 45d98cc3717877368dfd239949a424619f702c1c6170528b619815a2f00a78c0.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 45d98cc3717877368dfd239949a424619f702c1c6170528b619815a2f00a78c0.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://klub11n.us/my/
Targets
Target: 45d98cc3717877368dfd239949a424619f702c1c6170528b619815a2f00a78c0
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext