General
-
Target
558d199065a250fec8c4f1920765de40858fd5d599fbfd47c507a0b2fd2b5bef
-
Size
270KB
-
Sample
230925-dvx4mabg7v
-
MD5
df5bacf7594f193f0ce800ae6b847fd5
-
SHA1
fa5c581d8a2175730b5df7999c5c0cc6cef5f903
-
SHA256
558d199065a250fec8c4f1920765de40858fd5d599fbfd47c507a0b2fd2b5bef
-
SHA512
21fa60e46d69bfafb6ad872dae35942df70ce180023f63bb062efb1a8988c3321db610a23d7b5907ef7167996a0fd2b5ce1def82b6fff465880c3a4278cf83f4
-
SSDEEP
6144:WRGhrJ+j+5j68KsT6h/OCy5U9uAOpAApPJUAqw6:WRwN+j+5+RsqGGuUwPeJw6
Static task
static1
Behavioral task
behavioral1
Sample
558d199065a250fec8c4f1920765de40858fd5d599fbfd47c507a0b2fd2b5bef.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-