General
Target: file.exe
Size: 220KB
Sample: 221221-ffnyhsbf78
MD5: fcfa03e0a403007b0c0f3237eb76c744
SHA1: 60682f3ee476fe546d0f4a107b19e6d39184f880
SHA256: c1e243c1e46bca4b8472c39fa7f249513e3838ce0557ca66a41fe43d0b41e139
SHA512: 9e177d191ecb38f776970889790518703096766d8f76c53faaeff9a28e97695cf431a59629d7edb30ac2d3a4a63ab11d58e5531f2c20434a0d20b5ea9dae2785
SSDEEP: 3072:4bHa1HLVd115sR7/4/uKjr9ZOOIsXGp2vX1ZWV7b/mNwdo+DNHCDml:cHkHLVdu7/VKj5djv/+4wZxCa
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: file.exe
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext