General
Target: tmp
Size: 710KB
Sample: 221129-wchkbsbd46
MD5: e403c2bbdd544797a9d702de09165779
SHA1: f47a7dd5095cca86ec026990a6ca66465139c1b1
SHA256: 3873c3bbf02f10de5e67b0da4c9002d4f936bae5aa287a83b078ae208e94f381
SHA512: 4a0a65ddaa920fb8e1cfc525cf9efc905d98376ee46f7d0b22ca1e477c20f1b33ed426b5ce225ad05839f90a8816bb7cc58ab0ed2a1effafb92e3c4354fee5b5
SSDEEP: 6144:tbFfUhXQel80lOImzwFO/ChdqoQ+S8BZu+2MLjb2KPhZ8NjEmfQGX3bzhj9rUrmi:tFfSQel80MUFO/Chd1q8kehZOYmDb
Static task: static1
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: tmp.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: tmp
Score: 10/10
Detects Smokeloader packer
Modifies WinLogon for persistence
Async RAT payload
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext