General
- Target: 3549d76fa5cba791831358a7a034dd7b1dde1d30c654ab2d45a824dfd8cefc08
- Size: 320KB
- Sample: 221206-f534qsce5v
- MD5: 6b965fe88e20b634892675ebd0dfac27
- SHA1: 88e2890cb3545d6d28b518b6bf0fff3148ae11aa
- SHA256: 3549d76fa5cba791831358a7a034dd7b1dde1d30c654ab2d45a824dfd8cefc08
- SHA512: c46dcf9453f40cf8b41e3099ce6c62c0ba5db15269b97bf4af909f2ff7cf4ceb618779c5aca8e5de9e601893fc48f39786b45f84c6f0eb1fef77541f355b214b
- SSDEEP: 6144:QjNBy+/L21T8xe6ySlk/WOL7CCB/UvZhbmHyMkE6VWF:Qjzyka1T8xpgLGCGRhbmXF6VWF
Static task: static1
Behavioral task: behavioral1
Sample: 3549d76fa5cba791831358a7a034dd7b1dde1d30c654ab2d45a824dfd8cefc08.exe
Resource: win10v2004-20220901-en
Malware Config
Targets
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext