General
Target: setup.exe
Size: 250KB
Sample: 230328-bl84esaa71
MD5: 04e32b3bd11f6233afb0e106da867aa8
SHA1: c4750a98073df743fe04bf542df0faee2bdea4c5
SHA256: 4e5f3fb701c0ba7a67dfbe0f1578fd497769f2d3397cc6310a444e9e0740afb6
SHA512: 233f6d94ab81501e652cc6dd326f61416b37429b068dd0105951c8f8f01e61f57f27b20492309858e188d8cb639e34fecc0e0b9880bd846e3e5fac4420356c16
SSDEEP: 3072:nVuaHyfVd/lxLLqfe5FRPN4pdWBVAyeO3jBJr2GOOIpzjdwj5Ev/Hc:oOyfJxLeEidnGOTFjb
Static task: static1
Behavioral task: behavioral1
Sample: setup.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: setup.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target: setup.exe
Score: 10/10
Suspicious use of SetThreadContext