General
Target: 18628c2d3458d7600cc76a4d3cfbc580f7896bb3cd8aef5b1f1b0752887127d9
Size: 270KB
Sample: 230925-dratxsdc42
MD5: aff69542afafacc0df4a5e7c67bd8995
SHA1: 2b1c5a5dd469394105a0c1f2764177548fc11903
SHA256: 18628c2d3458d7600cc76a4d3cfbc580f7896bb3cd8aef5b1f1b0752887127d9
SHA512: 4e90a6d5ec3259e06c3a7363bd7b2ebeed4c104f4c5bb3d0fee8ff6712b7cf110c72c4cabc2b87727fa7dd64302cf247ec363cfcbdd3c467118c23839dbfb1bb
SSDEEP: 6144:hRihrJ+j+5j68KsT6h/OCy5U9uAOAATTPDbF6znqw6:hRMN+j+5+RsqGGuLLbnw6
Static task: static1
Behavioral task: behavioral1
Sample: 18628c2d3458d7600cc76a4d3cfbc580f7896bb3cd8aef5b1f1b0752887127d9.exe
Resource: win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Score: 10/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Suspicious use of SetThreadContext