General
-
Target
179aa4bcf4e0e9c6b0e332d50b208d5c32dcd988ff09513f70d10fb31c8768fc
-
Size
214KB
-
Sample
221220-t2j4caac95
-
MD5
c20702bae9923a2e00e3efdd5b9f6777
-
SHA1
11192da662881ca0e43c46bc2246392e3dd16f25
-
SHA256
179aa4bcf4e0e9c6b0e332d50b208d5c32dcd988ff09513f70d10fb31c8768fc
-
SHA512
0c350b17ee871016267d3be2604f7aef0ae2c8b5963e0955e133f9312538063fc588495da1fa14d8372eef72b6d7713af16ab1914eebe38129f986dce8cd6adc
-
SSDEEP
3072:VCTILm3D4N5hfEHzF4sKUGfUtNh6NLoG7b/cW5lyCggtNHCDml:Y8Lm3DGsKU/tNh6fWC1PCa
Static task
static1
Malware Config
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-