General
Target: cbf0b5ad9b04b05a29801569c35e2a80.bin
Size: 164KB
Sample: 230328-cvqtwaad3x
MD5: d168a2d5b46f693d728670fb8b71880e
SHA1: cf0c1b9790e7c2096dd1164dec365dc8d7d2203f
SHA256: 40d54ff7d6cf461413250eb4ea783812873754e13f4d8ea153d875be3ddfab79
SHA512: 5092d25133166ae448ca3aad961c858ac71135a09dd6521e5ab4204de76c8d35111530fb5495dae942c6ed30a20c8566987b4444373d018f4599d662db504215
SSDEEP: 3072:ODb74pLRMD7meQAPmkTpMNA4aHNow39NeSU5ImwfTGOX3CLPqNwr5YBln/ZuZZv3:ODvsiDqeNIK05twfqOHCLCuuIZf
Static task: static1
Behavioral task: behavioral1
Sample: 407b7978d56e8808cc8615d041d9ab8b6491032a99c9979caeb73e8721dd4edc.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 407b7978d56e8808cc8615d041d9ab8b6491032a99c9979caeb73e8721dd4edc.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target: 407b7978d56e8808cc8615d041d9ab8b6491032a99c9979caeb73e8721dd4edc.exe
Size: 274KB
MD5: cbf0b5ad9b04b05a29801569c35e2a80
SHA1: b2e8d7645e8e4b0b4edf72fd5f90569eb46e2542
SHA256: 407b7978d56e8808cc8615d041d9ab8b6491032a99c9979caeb73e8721dd4edc
SHA512: 435134495075ccbd8439df1f9a022e13a59b2a9bade83ff6d9a48e377c469ea889a639f042e829b1a3d44295a657e878da9a47886023b8c02ad8cc151589e5aa
SSDEEP: 3072:Z3do2E9NTud8WxIYW0ukE1bZvfP1FYe9Ipm3Xo4vY0FArRQE/wpNN4TJY:GhXW+YWTogY4g0mFX/eNN4T
Score: 10/10
Suspicious use of SetThreadContext