General
Target: f4ee23d07d350c520bb9f1d2348b727bb08b0861c9f887357c427dfa599f661c
Size: 270KB
Sample: 230925-d8bsjsdd46
MD5: 87ab5c8d1c2bc023753cecd4ca253eee
SHA1: ee5add2eb8136a01a4ba4cd4e81ab59bfc8328a9
SHA256: f4ee23d07d350c520bb9f1d2348b727bb08b0861c9f887357c427dfa599f661c
SHA512: c3c7fa45f3ba42c21ab91764a5b4f2663cff6bd0d0dc426d6d857fc969be26d17daeccca87a66024ea8323b7ca1341763308c57f3dda8a813a44c3245eb309ee
SSDEEP: 6144:QRIhrJ+j+5j68KsT6h/OCy5U9uAOrAKMr9s/qw6:QRuN+j+5+RsqGGu+/r9xw6
Static task: static1
Behavioral task: behavioral1
Sample: f4ee23d07d350c520bb9f1d2348b727bb08b0861c9f887357c427dfa599f661c.exe
Resource: win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext