General
Target: file.exe
Size: 220KB
Sample: 221221-c21bwsbe45
MD5: 10284282f79b91bed875fde9f063739d
SHA1: e10112f1ae9bf0eb94ec12446a3bb42f355834c1
SHA256: 37397d4daba951caf74ad3438dfaf81709fbb8e37df7f441ae38c515418ff0c9
SHA512: 8b47b8cc64b1a6f86b5f5032cdba44b974186e8c1e55034b4568f782d250927ded315889b831102f501d6df39e018d0c3b8802a739ddd5d29c9600a31e3cc078
SSDEEP: 3072:tLk7LiGf115+wMmmxBnYgdTb1T1EqeIVk2B1V7b/H4uNHCDml:l6LiGfgVX9Jflkyf4sCa
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Malware Config
Targets
Target: file.exe
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext