General
-
Target
bf8eb68828433edb224c817946afe3c0_JC.exe
-
Size
265KB
-
Sample
230924-qdg3asgf76
-
MD5
bf8eb68828433edb224c817946afe3c0
-
SHA1
7ee16147a83ca73e1eca87b4740c35f42ae2f94f
-
SHA256
c24ea64b67f96e1298d578d09a21d3ca18dff3afce65197cb5c9e80244f39d71
-
SHA512
1640c995809018a61b7d30c2655123ad916dfc48ca9c7642700586c161c7c929d2d68a0345b4b54039b6d2e0f52d0f7c95988eb13c493dab1ec4a47da6f0518b
-
SSDEEP
3072:62XjhrbPgrVGoUtWIgVBMLQoKiwu+fkPwAWRIzK+rvJ+TomjO3:NlrErEoU8VV2CseoxKKB+cma
Static task
static1
Behavioral task
behavioral1
Sample
bf8eb68828433edb224c817946afe3c0_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
bf8eb68828433edb224c817946afe3c0_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-