General
-
Target
77dc26ba88c0fbec254049a50ce107c5137d83f51c32c1cad659bac1b906a219
-
Size
270KB
-
Sample
230925-b9tnmscg37
-
MD5
021b4ba2e1001d0741145ea8bda5a51b
-
SHA1
17fc72a08022c90449a354b136c5a0bc999a7934
-
SHA256
77dc26ba88c0fbec254049a50ce107c5137d83f51c32c1cad659bac1b906a219
-
SHA512
9db1e34e68f7e9c7cffa3d9be510b67fb44231d5f6ca4b0b6cee61f56e442e51b0933932ebc4bbe005f7f3ab74b6b07cfff4079de607a9afce272750ff601dad
-
SSDEEP
6144:dRWhrJ+j+5j68KsT6h/OCy5U9uAOAAkPz1qw6:dRAN+j+5+RsqGGunkPQw6
Static task
static1
Behavioral task
behavioral1
Sample
77dc26ba88c0fbec254049a50ce107c5137d83f51c32c1cad659bac1b906a219.exe
Resource
win10-20230831-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
-
Target
77dc26ba88c0fbec254049a50ce107c5137d83f51c32c1cad659bac1b906a219
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-