General
Target: file.exe
Size: 216KB
Sample: 221220-3nt6tsbc97
MD5: eebcd01fc997437a9e8d0d5d3251aa3d
SHA1: aee6094f3b7ebdd47ba91caac386f152db2355a1
SHA256: 09ed41266242f1d86d54ea3902344cdc9b5852a57a918f0d01e178fcd92a66fa
SHA512: a7d45ba85cec8b6a1af81d772705ba0f8069b4e5d1f7ba6f831cfe4a145a8d1652685bd48dcc5817fe9de13fae686ba6af190da302d8e78c99fcb2cd6074a2b9
SSDEEP: 3072:c/iJL5k8V5HrxXLxEwfWu1G1cWppLJg9Hu7b/t9jvCPNHCDml:ySL5ksFzG1nLsml9WFCa
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Malware Config
Targets
Target: file.exe
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext