General
Target: aa716a47e1edf2eba2fa4039ab307da0.bin
Size: 164KB
Sample: 230329-b1yk8sga2x
MD5: db6847c1a25d6bb6905e61d844a65007
SHA1: 8dd8a657a05497918a02f615b3e4874bc553f2e2
SHA256: 7d42da4dc440257a0dff88d1b878560da4b311258edeb6dfecdc9cee41c823ec
SHA512: 99f1509e7730543be4d03e1139f111a08530fc21fe2b6acaf9da231d668128d46d7e3d7937c5ead98c19ec962d33e6b9ca2526e202cb77ea8b4343e3910aaca8
SSDEEP: 3072:epL8nGqMX80TJu0jdWHOAY/M1Yv4vZJC0GUyDq/dIi22g9HRsW4kpoQe7zsOsY3N:epYGqMX84DdyOAOc/GUyDquiBggHQczJ
Static task: static1
Behavioral task: behavioral1
Sample: 2940392a683880d056c8cd8227d44a1a307b42905df31a09872bb651c23fc110.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 2940392a683880d056c8cd8227d44a1a307b42905df31a09872bb651c23fc110.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target: 2940392a683880d056c8cd8227d44a1a307b42905df31a09872bb651c23fc110.exe
Size: 250KB
MD5: aa716a47e1edf2eba2fa4039ab307da0
SHA1: ec398c58775ff11f241b17b2c0561e156a44bc90
SHA256: 2940392a683880d056c8cd8227d44a1a307b42905df31a09872bb651c23fc110
SHA512: 4c7bc0a7a2c491c6efee8369bfd49cd6bdc66b8d5962d51f7d9e0c9d910dcb52ddab26a4bc26551a7647351ae6876f3edf7aed0e0f4a1c31928c24bec8271ad2
SSDEEP: 6144:S8T+GUkLLgUPCTqybV2NAG5g5ZdztRn7:xTUkL8UqTqyV2wb
Score: 10/10
Executes dropped EXE
Suspicious use of SetThreadContext