General
-
Target
fd36eff47ab8eefc9645f11b38a2a7c11ce9b36a76fd8f5f3c1aebe4d4c57c6d
-
Size
270KB
-
Sample
230925-e266jscb8z
-
MD5
14903b4a2bf915d7807054a7efdfa39b
-
SHA1
614733b0ca2635c6bcbaf592b6c917fc0fbc1891
-
SHA256
fd36eff47ab8eefc9645f11b38a2a7c11ce9b36a76fd8f5f3c1aebe4d4c57c6d
-
SHA512
77a540df09f952222d18372b7e36de8b77a3b5928b5e9b28326ef8f0024195dd45b4fbca203dba97d3a9e73b1ea338dd9dec25d4ac9cd00a6fc87faccdaf2d46
-
SSDEEP
6144:tRAcMQ+j+5j68KsT6h/OCy5UKuAOYgea/vIFnTfYwK:tRT7+j+5+RsqGhuH//g5AwK
Static task
static1
Behavioral task
behavioral1
Sample
fd36eff47ab8eefc9645f11b38a2a7c11ce9b36a76fd8f5f3c1aebe4d4c57c6d.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
-
Target
fd36eff47ab8eefc9645f11b38a2a7c11ce9b36a76fd8f5f3c1aebe4d4c57c6d
-
Size
270KB
-
MD5
14903b4a2bf915d7807054a7efdfa39b
-
SHA1
614733b0ca2635c6bcbaf592b6c917fc0fbc1891
-
SHA256
fd36eff47ab8eefc9645f11b38a2a7c11ce9b36a76fd8f5f3c1aebe4d4c57c6d
-
SHA512
77a540df09f952222d18372b7e36de8b77a3b5928b5e9b28326ef8f0024195dd45b4fbca203dba97d3a9e73b1ea338dd9dec25d4ac9cd00a6fc87faccdaf2d46
-
SSDEEP
6144:tRAcMQ+j+5j68KsT6h/OCy5UKuAOYgea/vIFnTfYwK:tRT7+j+5+RsqGhuH//g5AwK
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-