General
Target: 6593b12340d2979c38db59194a5888ab8003384eae23cc36f5cfc38da1d0e864
Size: 145KB
Sample: 221006-e1rdpsgehn
MD5: d5799abe28b073853f14b08500d17c35
SHA1: 275c357c45b04da2a7b595dbccbea0fb9f06547b
SHA256: 6593b12340d2979c38db59194a5888ab8003384eae23cc36f5cfc38da1d0e864
SHA512: d48a602eec6d9f993c24ba4090425a02979b075722ed934bb113c9a198ef2ec181547f21ea895425d656996de842f4ab8793559c80a6c9260f8362a2ac3b8387
SSDEEP: 1536:XMA/usmuXcTjA1G++MhhkMOgNl2Y9vBl/fRb42PXho8IUni/xV9XE/WzWDMOi:XMAWoIr++3MO659v3/fR82+mIkfwO
Static task: static1
Behavioral task: behavioral1
Sample: 6593b12340d2979c38db59194a5888ab8003384eae23cc36f5cfc38da1d0e864.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
danabot
embedded_hash: EAD30BF58E340E9E105B328F524565E0
type: loader
Targets
Target: 6593b12340d2979c38db59194a5888ab8003384eae23cc36f5cfc38da1d0e864
Score: 10/10
Detects Smokeloader packer
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Suspicious use of SetThreadContext