General
Target
ab16043e2aa1752614e78ab78a65173f04cb33b63180ce844b1f34fce7510767
Size
295KB
Sample
230328-mn9nhscb8z
MD5
c57c08c3df3aab44946a499ccc2785a1
SHA1
4022adb6e342ba5bf474c750f5d814c9e1b4bb6e
SHA256
ab16043e2aa1752614e78ab78a65173f04cb33b63180ce844b1f34fce7510767
SHA512
fe288b570d88a12042bb5ff39cc2f1ef02fd54d2ccc5b5559e4cd14d4f2ca9d69938d35cc308eac2c8d50d3b24752ddf4b4f6b7738138d8e615e43adf263e83a
SSDEEP
3072:Y98A+DWqWR283wEarvg2LJYk9yon5IPQ8VkYMHL4c5ddXyKcHhxVftMJ3XLrZblp:0l2KcrvTJY8ZFHLRdXNcr6nL8tDDTO
Static task
static1
Behavioral task
behavioral1
Sample
ab16043e2aa1752614e78ab78a65173f04cb33b63180ce844b1f34fce7510767.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target
ab16043e2aa1752614e78ab78a65173f04cb33b63180ce844b1f34fce7510767
Score
10/10
Executes dropped EXE
Suspicious use of SetThreadContext