General
-
Target
df3587df28c7aa800ae74a223d93da76f3930c2fd2b2c72282956ba5b373d143
-
Size
270KB
-
Sample
230925-c1zc7sbe7z
-
MD5
008e9e63914adcb60ef940ec1fe4a242
-
SHA1
25781c1fe16a8bfb44998c328be790ff05f73337
-
SHA256
df3587df28c7aa800ae74a223d93da76f3930c2fd2b2c72282956ba5b373d143
-
SHA512
78832c487a6c7130737380ed7c03a769111b3c33dbb0959fe9c819ef859bfb473e9104bf782138535c6d98c2f248e40f62762e562b1bedac7a6f29916fbf791b
-
SSDEEP
6144:6RhhrJ+j+5j68KsT6h/OCy5U9uAOpASsWqw6:6RXN+j+5+RsqGGuY/w6
Static task
static1
Behavioral task
behavioral1
Sample
df3587df28c7aa800ae74a223d93da76f3930c2fd2b2c72282956ba5b373d143.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
-
Target
df3587df28c7aa800ae74a223d93da76f3930c2fd2b2c72282956ba5b373d143
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-