General
Target: c4dbc6a039cd453d8bc3b0436465199ed2c5a16237b986819834e1550bf800f7
Size: 270KB
Sample: 230925-ct3r2sda27
MD5: 1e0ad95d868fbec3bae95b6d392314c5
SHA1: 66015b0f4e0f5b59fac1139739e3712dba0c46c0
SHA256: c4dbc6a039cd453d8bc3b0436465199ed2c5a16237b986819834e1550bf800f7
SHA512: ab8172c31fac69b384b040dfb093193eea78c499575143d13660e0420acf14d87b1d6a57c2f2c40af5885a1f4e42aa55faa304ded4a2020218a0a9e26daf3d33
SSDEEP: 6144:uR+hrJ+j+5j68KsT6h/OCy5U9uAO9AZ/8qw6:uRIN+j+5+RsqGGuol9w6
Static task: static1
Behavioral task: behavioral1
Sample: c4dbc6a039cd453d8bc3b0436465199ed2c5a16237b986819834e1550bf800f7.exe
Resource: win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target: c4dbc6a039cd453d8bc3b0436465199ed2c5a16237b986819834e1550bf800f7
Score: 10/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext