General
Target: 400f588f2e07946fb70f43a51bc838b90cb01ebe61074199289a343a2a6f9c96
Size: 178KB
Sample: 230320-pvw24sfe7z
MD5: d2b0521f656b6808ef648e63f53e16e9
SHA1: 26cd29952ec302b4ee7f1e4c85dd66b1b0144d73
SHA256: 400f588f2e07946fb70f43a51bc838b90cb01ebe61074199289a343a2a6f9c96
SHA512: 82a5209e8c65301ed9e922b71bc49ca0a2653c781da391af6243966ee7572c301f25a41e7fb8f0b513b9a25899d0ca0a898f9a6e9204da016a6b9ee4c333aedb
SSDEEP: 3072:rlDHoyGiMXPsLoXeq5p07hdlRR4jcPGdh+:FIydta5p0XR4jEG
Static task: static1
Behavioral task: behavioral1
Sample: 400f588f2e07946fb70f43a51bc838b90cb01ebe61074199289a343a2a6f9c96.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target: 400f588f2e07946fb70f43a51bc838b90cb01ebe61074199289a343a2a6f9c96
Score: 10/10
Executes dropped EXE
Suspicious use of SetThreadContext