General
Target: 79eb0de65e77c00a9574910ba6443770a37c872d9fc6865086f5ecfeed82e46e
Size: 194KB
Sample: 221204-dbwrfsaf56
MD5: 84bb324177d655078864b9e0a1c6827f
SHA1: c82326bdd84a1d6a2858e654499159bd7b2b2bb5
SHA256: cceabd2f1ae77df49fdc6fdc7844e98d2f5c84003d769722c0d59d869b224d45
SHA512: b417b3b1f24fe99526a5e5b6c859de84edf9b44762cf3f648abc53f7b6a67c414163a505bf4773b166adf85606464da4d57968a8ca7f442504f5a7758d4acb84
SSDEEP: 3072:Va8/2M1Iu6c3qD/Ac8malQOnyT0q8pamVtSq1vQ2kft3MpxKZXdwuJgNMHew:VaPwvA/Ac8mmQsyT057V3JktcfKZt6yf

Static task: static1
Behavioral task: behavioral1
Sample: 79eb0de65e77c00a9574910ba6443770a37c872d9fc6865086f5ecfeed82e46e.exe
Resource: win7-20221111-en

Malware Config
Extracted: vidar
56
1148
https://t.me/asifrazatg
https://steamcommunity.com/profiles/76561199439929669
profile_id: 1148

Targets
Target: 79eb0de65e77c00a9574910ba6443770a37c872d9fc6865086f5ecfeed82e46e
Size: 349KB
MD5: 3c92e5261ce478c35357356eab2d02a6
SHA1: 9621379903f13c177a2e53a0561a1b768a56ab59
SHA256: 79eb0de65e77c00a9574910ba6443770a37c872d9fc6865086f5ecfeed82e46e
SHA512: 5d48bb4e4e9915f7c3dcb394b8db743afd8e07bda0c4d6811168e770c9ea624d0f6f91f15904949a3fa2d069c343a62b2d7977780f29060d79d817a5fcd0ed4c
SSDEEP: 6144:oOqIyHL+AiRYKRqtDfLKaHdMbPpwjaPuRjMgUt:o/7HsRY7hGauKRQg

- Detects Smokeloader packer
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext