General
Target: 7469d0cd788a1c8b70791cfb5feac28996ace578284e9c3716272deb581d20e8
Size: 273KB
Sample: 221206-c8xjkshc34
MD5: 6d6bc4376858c3b88b9c2de727b52f20
SHA1: 64733ba0346157411908de72b6aad6adc1cf5ab4
SHA256: 7469d0cd788a1c8b70791cfb5feac28996ace578284e9c3716272deb581d20e8
SHA512: 5bacb1260bd67bcc37ccab077d7f127a7b8a0d7aa16c4f58cb0b5a48b0505d2acfe8e1fb64956978c4393c93d1eb3137753e4a24d7d1224b77f32ef183381e11
SSDEEP: 3072:FgXVP9YOHsTtJ50xWR5Tsv+gcZZvtsFDXkBYj90liVRvJTcpLWxJmiYgV2qs64j:FUMJ50qszStsFrkyB0lIDc1GJmyVS
Static task: static1
Behavioral task: behavioral1
Sample: 7469d0cd788a1c8b70791cfb5feac28996ace578284e9c3716272deb581d20e8.exe
Resource: win10-20220812-en
Malware Config
Targets
Target
7469d0cd788a1c8b70791cfb5feac28996ace578284e9c3716272deb581d20e8
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext