General
-
Target
724083e6e87da3b093827cacc4cc59f4d43ca461e76ccab1d2a565f8579392eb
-
Size
270KB
-
Sample
230925-b8ajdacg22
-
MD5
b0a79a9f8d16ff58b389cc8910deb75a
-
SHA1
883291a1d92157c17c68c7a82f4ee4cb801aadc4
-
SHA256
724083e6e87da3b093827cacc4cc59f4d43ca461e76ccab1d2a565f8579392eb
-
SHA512
e017365e41534daf189001ffe71557517558f1855f5a83f0f6213bacc57cffa184efc4e300c2b73b12391a24244d60d7e3cfe858f192e17fb1d28a927e69e519
-
SSDEEP
6144:NRshrJ+j+5j68KsT6h/OCy5U9uAOMATzaqw6:NRyN+j+5+RsqGGuPTrw6
Static task
static1
Behavioral task
behavioral1
Sample
724083e6e87da3b093827cacc4cc59f4d43ca461e76ccab1d2a565f8579392eb.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
-
Target
724083e6e87da3b093827cacc4cc59f4d43ca461e76ccab1d2a565f8579392eb
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-