General
-
Target
c4a687bc29ce45858b3324fc43086b16119414d13180bcc5e47380ab77043878
-
Size
301KB
-
Sample
230909-qdhc3abc54
-
MD5
369aad7d0673419f90ea88dd0189dd2d
-
SHA1
9189ec06db411d3f9e77f5f7ce0677529670943d
-
SHA256
c4a687bc29ce45858b3324fc43086b16119414d13180bcc5e47380ab77043878
-
SHA512
67a1f8825094c692515e6acf2e38fcfd86240c4a16bbb34e4c084032fec6eca03e37973f5b071a467cab1a4f5ac1bed9d19c635b2ee684c338e19a0487448235
-
SSDEEP
3072:tvikxL6IEIGe0fMEVkvPZpFcFQX98JuMPAswcVP7ReUIAxy2:ZxxL69tUEAhpFpNXcOUIA
Static task
static1
Behavioral task
behavioral1
Sample
c4a687bc29ce45858b3324fc43086b16119414d13180bcc5e47380ab77043878.exe
Resource
win10v2004-20230831-en
Malware Config
Extracted
smokeloader
up4
Extracted
smokeloader
2020
http://host-file-file0.com/
http://file-file-file1.com/
Targets
Score
10/10
-
Modifies Installed Components in the registry
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-