General
-
Target
a3f12a86956b46caf03b7ab7a7802dc4e6f63d62f2983c9e5fa4b12983525b50
-
Size
272KB
-
Sample
230917-hwsbzsah36
-
MD5
5ee48fa6fdc554fbacbbc9b66da4f2aa
-
SHA1
006f3580e833bc5e965ddc5cf4593396c96031dc
-
SHA256
a3f12a86956b46caf03b7ab7a7802dc4e6f63d62f2983c9e5fa4b12983525b50
-
SHA512
21f184ab5a541611f7342c6823addcd37a28aef72956b87874e3ee1631b9212fe5afac9f2b8d744b6d04170c8381a79d5c0500a31a454f08cdd1469f904e07fe
-
SSDEEP
3072:AQvRg2YvVcjtvEKny84ccbqvPZg7UCmiMiG6Cb/V0KNMGNDn:dvwvVcjt8KnyXbqvPZg7gIJ8VBL
Static task
static1
Behavioral task
behavioral1
Sample
a3f12a86956b46caf03b7ab7a7802dc4e6f63d62f2983c9e5fa4b12983525b50.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
a3f12a86956b46caf03b7ab7a7802dc4e6f63d62f2983c9e5fa4b12983525b50.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
a3f12a86956b46caf03b7ab7a7802dc4e6f63d62f2983c9e5fa4b12983525b50
-
Size
272KB
-
MD5
5ee48fa6fdc554fbacbbc9b66da4f2aa
-
SHA1
006f3580e833bc5e965ddc5cf4593396c96031dc
-
SHA256
a3f12a86956b46caf03b7ab7a7802dc4e6f63d62f2983c9e5fa4b12983525b50
-
SHA512
21f184ab5a541611f7342c6823addcd37a28aef72956b87874e3ee1631b9212fe5afac9f2b8d744b6d04170c8381a79d5c0500a31a454f08cdd1469f904e07fe
-
SSDEEP
3072:AQvRg2YvVcjtvEKny84ccbqvPZg7UCmiMiG6Cb/V0KNMGNDn:dvwvVcjt8KnyXbqvPZg7gIJ8VBL
Score10/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-