General
-
Target
1fb7dd7192b8a4eb7deaccf37ea4cc8ddef62784cce137fd4e5445800e2d6875
-
Size
305KB
-
Sample
221219-j649zahe9w
-
MD5
7e2587f9abd6549a88072d135730580a
-
SHA1
3035343a78141807b53c016387cbc1518da1dabf
-
SHA256
1fb7dd7192b8a4eb7deaccf37ea4cc8ddef62784cce137fd4e5445800e2d6875
-
SHA512
7d7fbe4a9b9b4c290b1a756fb0e076a2b8752b074e0845c86970526136ccb23c8691575ea52f06a0199fb8ae261432f9ea075b34fa55b52107e2db25cd0b7d46
-
SSDEEP
6144:TRgeL+GHqAVQujE9DkhkNokN0iPvzpQ6rFiaI:THSGHqA2uw28xnzpQ6rF
Static task
static1
Behavioral task
behavioral1
Sample
1fb7dd7192b8a4eb7deaccf37ea4cc8ddef62784cce137fd4e5445800e2d6875.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-