General
Target: 87d32d3297e61ec74139be66495d50ea31a60e44bad698e20fc4449dd56ed032
Size: 383KB
Sample: 221209-svwywsgc8v
MD5: 4589373538dde9065d80c540d267d1cb
SHA1: 72b31155293a305b0e89420f99cf3fab60c3a3c6
SHA256: 87d32d3297e61ec74139be66495d50ea31a60e44bad698e20fc4449dd56ed032
SHA512: 0c7fd0d1a9d79c07e9174b9b2e7597909409f19ac6f365b8f76e2a4dc9d655f2b328ed960d1be1021290651d3ee801eace6f04099fd9ada04ed2f60c6f1b1c89
SSDEEP: 6144:wh7L8svVrHBDZFil1BG91hh6K9W9AgdtIDXvded89kTR:wpQsvRhDqGIK9W9AgdtIDXgaw
Static task: static1
Malware Config
Targets
Detects Smokeloader packer
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Deletes itself
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext