General
-
Target
470259db6840ebc8256faa7c44782d9efa47579dac57cf5f1fa88a4124130492
-
Size
220KB
-
Sample
221221-c8rnbsbe52
-
MD5
8b23d09dbc3017a73fa22730685e549b
-
SHA1
a66e17d08719f5de9b15852f7f96451fcdb033a2
-
SHA256
470259db6840ebc8256faa7c44782d9efa47579dac57cf5f1fa88a4124130492
-
SHA512
a32869ff241650f419dbcc11b47b9ede48ccfcc23e464bea0e9ab5bea2325b80beb215ff641bb16c8f57cf9dd0ebf85279e4e72b0582e625b1be1db24e8f5d59
-
SSDEEP
3072:notA0Lv4115ZvCplRZLi6EiEXUbM7PsBy7b/9jKcNHCDml:oHLv4LvCpx26EieuMzssRnCa
Static task
static1
Malware Config
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-