General
Target: 530f5d616351de3f5081638700fa9efb35ef3b73c671c02aa0c185c6aaed42ac
Size: 270KB
Sample: 230328-h511gsbd3t
MD5: d4f8b7ae1c91d292bb175f6a977f648b
SHA1: 639bb2d5322785e4b2e2c6cf54fd2a2a50b4ae6a
SHA256: 530f5d616351de3f5081638700fa9efb35ef3b73c671c02aa0c185c6aaed42ac
SHA512: 9200a9e67453cd576d28f4a50ca46e344a8e4e26c2a44199a3f913ef92a965cfbf9e4283c4399a28877a265ffe789c3784b8136247c27a39fa4e00ca6a821f5d
SSDEEP: 3072:MzBQZu2+UOWJoxjpBTAhzt8vfvC/4Ka2SYoDdXb0j34o5lmhZ:uhWCjpBUhz3xJyJ0j3A
Static task: static1
Behavioral task: behavioral1
Sample: 530f5d616351de3f5081638700fa9efb35ef3b73c671c02aa0c185c6aaed42ac.exe
Resource: win10-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target
530f5d616351de3f5081638700fa9efb35ef3b73c671c02aa0c185c6aaed42ac
Score: 10/10
Deletes itself
Suspicious use of SetThreadContext