General
Target: 1ccf523f1afdbcf943f7a11843de9e29e7edd596ec2db5a0ed375aabd15b5394
Size: 270KB
Sample: 230925-deb68adb22
MD5: c26fce705fa2dde33f804942e4fb7526
SHA1: 880f25a77f8fa50858793dc9924bb90fb91d393a
SHA256: 1ccf523f1afdbcf943f7a11843de9e29e7edd596ec2db5a0ed375aabd15b5394
SHA512: cb2ec751b091101ef11a27dde3aefb3343d622b8a383ec60f6c0fc7e528ec42bc472a4c2e81af445e2b3a498d9196947cbb7b4b714b37c6c8377c15ab09c8584
SSDEEP: 6144:BR2hrJ+j+5j68KsT6h/OCy5U9uAOQArrCmcqw6:BRgN+j+5+RsqGGuTrWmdw6
Static task: static1
Behavioral task: behavioral1
Sample: 1ccf523f1afdbcf943f7a11843de9e29e7edd596ec2db5a0ed375aabd15b5394.exe
Resource: win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target: 1ccf523f1afdbcf943f7a11843de9e29e7edd596ec2db5a0ed375aabd15b5394
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext