General
-
Target
439a06201b5ba15e0bd8a63f93ea5360ceccda568d41706713e65ed586bbebbf
-
Size
270KB
-
Sample
230925-ebadwsbh6s
-
MD5
6a051227d17f43b82cfe5f186c688e6c
-
SHA1
808c35780de1c04b51e246a00556234aa79154bc
-
SHA256
439a06201b5ba15e0bd8a63f93ea5360ceccda568d41706713e65ed586bbebbf
-
SHA512
028b82eaab807d89da21bf77a75ba7359d2f044d506f0b14a6235258b58ea96084d71913c8218ffc57ce6b2cdc245fd75a8706926ef9b70c0687a4ec118a9c8d
-
SSDEEP
6144:URmhrJ+j+5j68KsT6h/OCy5U9uAOnAOpSS+Xgqw6:URQN+j+5+RsqGGu2xXpw6
Static task
static1
Behavioral task
behavioral1
Sample
439a06201b5ba15e0bd8a63f93ea5360ceccda568d41706713e65ed586bbebbf.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
-
Target
439a06201b5ba15e0bd8a63f93ea5360ceccda568d41706713e65ed586bbebbf
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-