General
-
Target
e7cf54c2106a9499aa159a245b14e3c5d17a41ba52b90f2de47609be7670ea81
-
Size
270KB
-
Sample
230925-e84n1adf88
-
MD5
c4988dc6dde23acd6929db1adb3e82f4
-
SHA1
3fde7635ccbb3cbe508554354fb5ed3a0f98e56d
-
SHA256
e7cf54c2106a9499aa159a245b14e3c5d17a41ba52b90f2de47609be7670ea81
-
SHA512
1cc8b9c1c2c1a66d9b56d77f9dc8425a6629df542aeb1af60528367222bc514367aac5776f3700420f3a750048b0e55eb69b5e6f42ba73fadc9d61334fa88566
-
SSDEEP
6144:CR/hrJ+j+5j68KsT6h/OCy5U9uAOZAipCuUqqw6:CR5N+j+5+RsqGGuUipzyw6
Static task
static1
Behavioral task
behavioral1
Sample
e7cf54c2106a9499aa159a245b14e3c5d17a41ba52b90f2de47609be7670ea81.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target
e7cf54c2106a9499aa159a245b14e3c5d17a41ba52b90f2de47609be7670ea81
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-