General
-
Target
4d2d7253f92fabcfd3adc2b0f112f8ddde14c0e94b88c603fe332b2e5d77cd00
-
Size
250KB
-
Sample
230329-te8s7agh84
-
MD5
639376664335231a89d68e63a091cf23
-
SHA1
591946aa4917051b89305b73a981489fe3c43b47
-
SHA256
4d2d7253f92fabcfd3adc2b0f112f8ddde14c0e94b88c603fe332b2e5d77cd00
-
SHA512
aedac85f02b76cf5afe7784e3d5668fa821bb87c3c5f6fed73779090dbc865ad72f1b6588afee397ab28c84366da7eaa220977c2faab3cc597009d16b1b3a44d
-
SSDEEP
3072:F9NHUpV5g8XLj5bzLXG5FEELTPvaI4nh1/wbsHEvDxdoegx4cj:ZHUj9Lj53LXKzYnToIH4xdc
Static task
static1
Behavioral task
behavioral1
Sample
4d2d7253f92fabcfd3adc2b0f112f8ddde14c0e94b88c603fe332b2e5d77cd00.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target
4d2d7253f92fabcfd3adc2b0f112f8ddde14c0e94b88c603fe332b2e5d77cd00
Score
10/10
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-