General
-
Target
toolspub1.exe
-
Size
293KB
-
Sample
230922-fbt9qsda81
-
MD5
682773905fd75641ab9bb5d68500d987
-
SHA1
aefe2a8a408c0f316d1783c1cbe8522cd4095f3c
-
SHA256
e0aa93c3f01841d67f1d1f4caa49705313e441aa6c74ad027c890a2174681154
-
SHA512
d42bfbb998f984d30de034d380ea584e25c85316c2e315e5653db74058ffa6a24fde86bdafce02c740a1851e16d055bfb034b5fd9258b552cbea1758532fe3d2
-
SSDEEP
3072:w68XTpDS5GjDBixbk4pB0EG/JbD1wm2vZ9IULFum+/mh1nkrNidg87dB:R4TpSQsxdpB07xD152rIiOY1nkkg8Z
Static task
static1
Behavioral task
behavioral1
Sample
toolspub1.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
toolspub1.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
toolspub1.exe
-
Score
10/10
-
Deletes itself
-
Suspicious use of SetThreadContext
-