General
Target: be857d3359bc69888a68cfcf65ce7e042d0cdd1cb46c6729941d9117eb1e4348
Size: 320KB
Sample: 221206-gxtqrseb7s
MD5: 0b15593f7c3f3533ccdc5acb09f52f2c
SHA1: 59586e724c47ea28fab0ff6c0f1ba95d08e3ff8a
SHA256: be857d3359bc69888a68cfcf65ce7e042d0cdd1cb46c6729941d9117eb1e4348
SHA512: 34d3b9b6839fdec05473540a9cf71f5e75da5488bd704838e0823454e5bc0cb525115513b4b1be49ee3c2251de73c63e2c45b6886c3c17c29660902b276dba3a
SSDEEP: 6144:Ad7N4yeILgLTJieu2T+7Lf9Ld+c8vP6/BqUjxF:Ad72yjsLTJip2a7b+cRxF
Static task: static1
Behavioral task: behavioral1
Sample: be857d3359bc69888a68cfcf65ce7e042d0cdd1cb46c6729941d9117eb1e4348.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target
be857d3359bc69888a68cfcf65ce7e042d0cdd1cb46c6729941d9117eb1e4348
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext