General
-
Target
423836be3f255bb3f0f2a2524cd24b979ab2f6f8149fd518790de7c4e1b63d02
-
Size
311KB
-
Sample
221219-p1hfxafa42
-
MD5
a034cbb1ffdcc27f1eb9d3e90d03a638
-
SHA1
88d16b6e1b93389a89a2b86a6d57c512b57b678d
-
SHA256
423836be3f255bb3f0f2a2524cd24b979ab2f6f8149fd518790de7c4e1b63d02
-
SHA512
cae1ba18bd3483c34a2d13731c8e9fdd7cec0d0121b62f842b8eb6fda97f5032af0970f149da953a01ea7bebdd828ffc003a5abc45936c56d4c08b3a109d2376
-
SSDEEP
6144:40AALtEZ8Ubf52YC96UOQ8IXa1atOgkfH4rWlRjO1n:407hEZ8UbtC4UE1wOgjrW9u
Static task
static1
Malware Config
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-