General
-
Target
2ec66b67ec0734dbf1048b2f71a969e5915deeefc75aea61a91e079fc5720eaa
-
Size
186KB
-
Sample
221123-ngtjdsgg97
-
MD5
20265014ad062dbae27ff0398b9f1cc6
-
SHA1
2bb048c1aeed663031b3056019f9cd543f7a9edc
-
SHA256
2ec66b67ec0734dbf1048b2f71a969e5915deeefc75aea61a91e079fc5720eaa
-
SHA512
e87415a86b797c4a59e1d07b774b6354361a9db5e79c0fdd9c59bbe418bcf31a2a0f9f6fff1326b99ed0992ce53952a1d5fba49f2a33a0c8a71849863b1aab96
-
SSDEEP
3072:oDuvOZCRgdLRzZRvWFJO5BzbGdeAnGv1hB8ZlPDzS2fKpKN:euh4LRltuOnkGNhB8LPXS2fCK
Static task
static1
Behavioral task
behavioral1
Sample
2ec66b67ec0734dbf1048b2f71a969e5915deeefc75aea61a91e079fc5720eaa.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
-
Detects Smokeloader packer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-