General
-
Target
ce66da5e996530561316a5dbcac552720f1884f6d4e7d34e314664f16daae823
-
Size
270KB
-
Sample
230925-dygaaadc69
-
MD5
b4eac4df68bbf2d3959610d2642e69ab
-
SHA1
565e65c6a721d8378d03a42dbcec5ed3bfc3c4ce
-
SHA256
ce66da5e996530561316a5dbcac552720f1884f6d4e7d34e314664f16daae823
-
SHA512
05ddb62ee8627d4e5cffef20d0b84f89bb3c9b6d7a3a8a3c064b6a915586d9f43294a453922e23bc2ac19de56340a549ca492f645e8c9487a1f68131a2740113
-
SSDEEP
6144:MR8cMQ+j+5j68KsT6h/OCy5UKuAOXgk3O8MwK:MRP7+j+5+RsqGhuCk3OXwK
Static task
static1
Behavioral task
behavioral1
Sample
ce66da5e996530561316a5dbcac552720f1884f6d4e7d34e314664f16daae823.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target
ce66da5e996530561316a5dbcac552720f1884f6d4e7d34e314664f16daae823
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext