General
Target: 411101bbd66128f5220733ba0229999ccb4fa7c608dd1e4637b169e6f3a79e29
Size: 124KB
Sample: 220708-hsyplagch3
MD5: 4762bf87bb09e916dacd13d3f6b1e98f
SHA1: 1f4c2074cc110f6c1b7b3a9d177154453c0c575b
SHA256: 411101bbd66128f5220733ba0229999ccb4fa7c608dd1e4637b169e6f3a79e29
SHA512: 56d2a5d1b27df7572af0d76514b2d9a5357926bdd6be3c574ff83f47515c49515576b14183b67a90951cc33da73752695f8fe24bad6b0073d50733e85698a3c7
Static task: static1
Behavioral task: behavioral1
Sample: 411101bbd66128f5220733ba0229999ccb4fa7c608dd1e4637b169e6f3a79e29.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 411101bbd66128f5220733ba0229999ccb4fa7c608dd1e4637b169e6f3a79e29.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://45.62.235.208/w/
Targets
Target: 411101bbd66128f5220733ba0229999ccb4fa7c608dd1e4637b169e6f3a79e29
Score: 10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext