General
Target: 2a25eeef861d5abb4b2aa7084f80b8aa27ef1d3b999e25f49b315a4031ba6b90
Size: 270KB
Sample: 230925-cjra9sbd8x
MD5: f3c025e5194d46ae3abf16ff4df06ba1
SHA1: 12629837e1407291b2071661a3ab2aadf70eb70f
SHA256: 2a25eeef861d5abb4b2aa7084f80b8aa27ef1d3b999e25f49b315a4031ba6b90
SHA512: b1d7fba6577ed62e76d7301f850724c33f130cd982c9046b67f5e83a21b029849ae0786123ac2211b565a867832299c4639db8077e08afaf84ee58469e3662c9
SSDEEP: 6144:LRihrJ+j+5j68KsT6h/OCy5U9uAOSAoa68gqw6:LRMN+j+5+RsqGGuFocw6

Static task: static1
Behavioral task: behavioral1
Sample: 2a25eeef861d5abb4b2aa7084f80b8aa27ef1d3b999e25f49b315a4031ba6b90.exe
Resource: win10-20230915-en

Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target: 2a25eeef861d5abb4b2aa7084f80b8aa27ef1d3b999e25f49b315a4031ba6b90
Score: 10/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext