General
-
Target
b47bd96dd25ff8e56c09f5fc5ec2d26817b48296ab30e571d9b0922bb663085f
-
Size
298KB
-
Sample
230206-xd8ctaae9w
-
MD5
884d6935e1ef87466fd551de778aa18b
-
SHA1
3ac31c9b85974ef65996ca22b866a0b8f3410803
-
SHA256
b47bd96dd25ff8e56c09f5fc5ec2d26817b48296ab30e571d9b0922bb663085f
-
SHA512
3182555dd4fe760ddf1e4048e3217cfc7689276de9d05deaf188bcd372f9ae861758336f830cfaec013bbda4cb3887db7a118726e72403f3a7c70b1fd2bc16f7
-
SSDEEP
6144:C/ENOLm5KY3uuSyaj7XbK62awYuQj94a:C8QiUY3uuSyo7fJljS
Static task
static1
Behavioral task
behavioral1
Sample
b47bd96dd25ff8e56c09f5fc5ec2d26817b48296ab30e571d9b0922bb663085f.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-