General
-
Target
cc34204494d316e46e26cd28b13d6a7ac540f7d0b6058c026e37fc83ec55aee6
-
Size
141KB
-
Sample
221219-gqmzmshd3w
-
MD5
50cd109c45578dc90c4c58c8320d18fe
-
SHA1
f72cfed0d748a66691e54d631f33564e95012cba
-
SHA256
6fb567b54bada67b584da1ba8a8ff06df7f36432c1aca95b2e070bca67483410
-
SHA512
56b75a9089a8dd33a6be14a8b93478f7b3213a16ce6062e040842095e0c98c7d4ea13f4191dd91f554e8b17722388267a1628a1c4ade49f55615a387791d6485
-
SSDEEP
3072:6Mw+yRsZagmOtKb5a/LxgcUeh0Pk5y3PdAuQSC1ixK:bfSYk5Ydg80PuUPKYK
Static task
static1
Behavioral task
behavioral1
Sample
cc34204494d316e46e26cd28b13d6a7ac540f7d0b6058c026e37fc83ec55aee6.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Target
cc34204494d316e46e26cd28b13d6a7ac540f7d0b6058c026e37fc83ec55aee6
-
Size
214KB
-
MD5
251a41fc5e568b24574e7a0649679240
-
SHA1
5f0ce9ee0c94d5e0d0c64ac435f4a1f6241ed2a1
-
SHA256
cc34204494d316e46e26cd28b13d6a7ac540f7d0b6058c026e37fc83ec55aee6
-
SHA512
60c8feca298910e7606a3b3b4364423f5585f9a4b8f454dab92a23b06d2118d6eef34cbafbb14b2fa3e08f8c92f8ff7cb43f8f60b320e7bc6212ae2aef66f89a
-
SSDEEP
6144:Q9MLzWvtOIx+kkS169CKxPgnYypx+hH0MjlVklPH:Q9MvWv8IEkFwfPgvXuJlU
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-