General
-
Target
4b3c4b23e40cdf7b3441a7669c5c5ad601b6fb34d0eb541a98bc5f8c4614b328
-
Size
270KB
-
Sample
230925-dkdl8sbf8y
-
MD5
1cae4a7341e379f0fe6e8f1ddcbfc828
-
SHA1
f04682180a9f75661337785e8bebb92d27a9a8be
-
SHA256
4b3c4b23e40cdf7b3441a7669c5c5ad601b6fb34d0eb541a98bc5f8c4614b328
-
SHA512
2fa97b10da91047d79b0b53b68ca4e6d9434614d05b6a2f41017975aa8d9be1f5a68fc6f9136e013d95d2d5844238bbd6ffd46c7468ee0edce12bc6926624c02
-
SSDEEP
6144:ZRShrJ+j+5j68KsT6h/OCy5U9uAOMA4Pwm/b7y2qw6:ZR8N+j+5+RsqGGuv4Pwm/6w6
Static task
static1
Behavioral task
behavioral1
Sample
4b3c4b23e40cdf7b3441a7669c5c5ad601b6fb34d0eb541a98bc5f8c4614b328.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-