General
Target: 440ff7b2ca1bca39ce17946fb76b1402036a1e1c3295229eccca429eccdaf28c
Size: 176KB
Sample: 220707-zqyp9abfcr
MD5: 944e5bdbdc8ebeca7ae267a0b873fcaa
SHA1: f398dc78fbb9759ac920fde54b04b8871e496dfe
SHA256: 440ff7b2ca1bca39ce17946fb76b1402036a1e1c3295229eccca429eccdaf28c
SHA512: ca9b220eb6917d12b61eb32b9a09670142b64800d79afa22770062d8f76be18db106fc8f9bf25c06738b699061e61ac3de566b564a94f631d8482f5479633977
Static task: static1
Behavioral task: behavioral1
Sample: 440ff7b2ca1bca39ce17946fb76b1402036a1e1c3295229eccca429eccdaf28c.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 440ff7b2ca1bca39ce17946fb76b1402036a1e1c3295229eccca429eccdaf28c.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2017
http://bbank.bit/
http://abank.bit/
Targets
Score: 10/10

suricata: ET MALWARE Sharik/Smoke Loader Java Connectivity Check

suricata: ET MALWARE Sharik/Smoke Loader Microsoft Connectivity Check

Adds policy Run key to start application

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.