General
-
Target
file.exe
-
Size
295KB
-
Sample
230328-s22gysdd9s
-
MD5
cdafc8e7d71f4a536cdc3565a1b4591f
-
SHA1
c40edb3878575e883fb4536975f7a46294c0138b
-
SHA256
cbdbfd2c90310024a46e2395bf6210b5352c932fc5d27dba5ebef0b1aec21aa8
-
SHA512
aadf7c55c44dc7eba4a6824e1ebfb2fea42b9cf6a3cfb24a08ccf26f3fc1e832b2951c3d17ce1ff76717d5cd1ec1e0c46222b48530b864d787e863503910b05b
-
SSDEEP
3072:Vyd2NE86t5B/4lAHX3BCIOM+oPMEz9JtZh00O2LD16kZstdbY7dlmc2toiDTSW:MGE8u/4l83B2ExZmWckizbFtDDT9
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
file.exe
-
Score
10/10
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-