General
Target
1550510aa27041e5d414070d4b10af13d3ca1e44f86c351e8498e52b0939f2f3
Size
142KB
Sample
221219-gw3x2shd4t
MD5
dd79df2475e6c7dce89345038d971757
SHA1
75e592153242043b5b023671d767a587186ca5bd
SHA256
dcc853847586e58eba2fa616f693cdec7428cdcfcd85d40cb4d175929ba402cd
SHA512
ade6bc88de2da9e1aa6ef1d70638ce36cc79bc7524b6186eafdad18b9b80694e735e62679489f87f042ba2b1053d6cd451bf80412ed33c4c3e060f42c814dfdc
SSDEEP
3072:LFkCWNga7wIcYjCbeJCbKMOY3vUHfG5chAPJuwJ+p6rG:ZWiBYObwCbKM93s/mcWBpVy
Static task
static1
Behavioral task
behavioral1
Sample
1550510aa27041e5d414070d4b10af13d3ca1e44f86c351e8498e52b0939f2f3.exe
Resource
win7-20221111-en
Malware Config
Targets
Target
1550510aa27041e5d414070d4b10af13d3ca1e44f86c351e8498e52b0939f2f3
Size
214KB
MD5
3a169176f43bac6c9c629071b6ac513b
SHA1
782aa22755e4c862c3eab8a3aa70ae4c08170922
SHA256
1550510aa27041e5d414070d4b10af13d3ca1e44f86c351e8498e52b0939f2f3
SHA512
df820fb5296753b05c8edf74db8ff227801494e03b9b7c1e0d1c6d5f7b5012a4421820c6db215a85dc56b7bd03ff9b84a488651d47070397eb3055cece178d24
SSDEEP
3072:FQOs2LR24RRhMbpyUifPwVSRch12Q6h+ThDg3uwlbZHPvHOil3lk025PH:C+LoTbti3wVG08iVU+41vvjlVklPH
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext