General
-
Target
7509ea45ab058a6242b876415a9bfdc5b7457e2b9855eea7c3c363e0cb80e86f
-
Size
250KB
-
Sample
230323-lhhr6sgf8w
-
MD5
27347c06e249accdd820c1ea70008c8b
-
SHA1
69800d4b0163d6d33f33198b0efd9391a39b4c64
-
SHA256
7509ea45ab058a6242b876415a9bfdc5b7457e2b9855eea7c3c363e0cb80e86f
-
SHA512
5ffa342a7cc6c5603214f9a74596779137ea3edcab513807c3bfbf5090e4c48e9e885f4c32d5d4c2bfd050559bc9d53138a19f477f5f7487930ec5db16e6f7ee
-
SSDEEP
3072:Y8Oaz0PfBrE1cYpLVr6T9abxY7w1isW754uXiRAElR0XPO5h84K49:sM4YpLVW0beQK75XiRA1Cr
Static task
static1
Malware Config
Extracted
smokeloader
sprg
Extracted
smokeloader
2022
http://hoh0aeghwugh2gie.com/
http://hie7doodohpae4na.com/
http://aek0aicifaloh1yo.com/
http://yic0oosaeiy7ahng.com/
http://wa5zu7sekai8xeih.com/
Targets
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-