General
Target
406cd7548ccfafd8d86ae3195203847a5197df423721b3c8375d00ab08a7a91d
Size
250KB
Sample
220708-v3arqsega6
MD5
b9276248f6f0cc3791a9fc138c7e5cd6
SHA1
926595afcdd25fb3425e7483ef56b543a9042ba0
SHA256
406cd7548ccfafd8d86ae3195203847a5197df423721b3c8375d00ab08a7a91d
SHA512
f64adeef8d7ebe297b4c4c558c5ca7bcdc267eeeaeade556bbce1eb0fd51c8cc22f5c5b0ebbd3cb0aadfbf5b87436f727ee0666eca2b0f9cc80ebfbb78ec50d5
Static task
static1
Behavioral task
behavioral1
Sample
406cd7548ccfafd8d86ae3195203847a5197df423721b3c8375d00ab08a7a91d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
406cd7548ccfafd8d86ae3195203847a5197df423721b3c8375d00ab08a7a91d.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://lufdx2.com/2/
http://gvs1.in/2/
http://jdcbhs.ru/2/
http://m21ch.com/2/
http://gdlvw1.com/2/
Targets
Score
10/10
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
Suspicious use of SetThreadContext