General
-
Target
4bae31dea2364b814e4d3cf3f8db80182438e4e4bc4ed2846391d6307cfcbd2e
-
Size
244KB
-
Sample
220712-k35l1aebf4
-
MD5
982c627feddbe09520646a6315c9bdf1
-
SHA1
78c45ebbb1d9eec82823ce5b972659c7f27ea987
-
SHA256
4bae31dea2364b814e4d3cf3f8db80182438e4e4bc4ed2846391d6307cfcbd2e
-
SHA512
bba410680438a6f2bfea70ca55c31cf12bc891b0dda567b29d8464aa64c07cbf59fe0fc3c09547d80ce99f5db4cc7559838affa7de42e62748d066ad7c0ef3f6
Static task
static1
Behavioral task
behavioral1
Sample
4bae31dea2364b814e4d3cf3f8db80182438e4e4bc4ed2846391d6307cfcbd2e.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
4bae31dea2364b814e4d3cf3f8db80182438e4e4bc4ed2846391d6307cfcbd2e.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
smokeloader
2018
http://js0c892.se/jd/
Targets
-
-
Target
4bae31dea2364b814e4d3cf3f8db80182438e4e4bc4ed2846391d6307cfcbd2e
-
Size
244KB
-
MD5
982c627feddbe09520646a6315c9bdf1
-
SHA1
78c45ebbb1d9eec82823ce5b972659c7f27ea987
-
SHA256
4bae31dea2364b814e4d3cf3f8db80182438e4e4bc4ed2846391d6307cfcbd2e
-
SHA512
bba410680438a6f2bfea70ca55c31cf12bc891b0dda567b29d8464aa64c07cbf59fe0fc3c09547d80ce99f5db4cc7559838affa7de42e62748d066ad7c0ef3f6
Score10/10-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-