General
-
Target
028e24a26eb6bc61d71b5913b990b12b074d3a4240dcc18c18440948204e3835
-
Size
214KB
-
Sample
221221-ajr7fsbd27
-
MD5
afd3e0f6ef7f7bd3a63335c15dd2bbb0
-
SHA1
a5ca0f9a057c4f2245a3376cf8a51844584277b8
-
SHA256
028e24a26eb6bc61d71b5913b990b12b074d3a4240dcc18c18440948204e3835
-
SHA512
d951b5c8dc843d06060d727515284f1a6b254a65adbc6ce846652a8eeba02a8415da684cda4c74a4c6e9c2161d10b24572f5b28fa5ec3667a3ddc39ed695b7a9
-
SSDEEP
3072:kGPTuLNbTPCM15j0tPi3n7tRIiQkJOPYYL7b/29XJIh7NHCDml:5KLNHPKFihGiQO0Tu9XKh5Ca
Static task
static1
Behavioral task
behavioral1
Sample
028e24a26eb6bc61d71b5913b990b12b074d3a4240dcc18c18440948204e3835.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-