General
-
Target
8da313e45a206fec25907770fe737aa1a5dea1d5cd934924758401930a8c147f
-
Size
270KB
-
Sample
230925-fpljracc9y
-
MD5
6f9135d57f8cb09750b0386e2c59fc8c
-
SHA1
f46760bc663baf2608f141251f743264b935978a
-
SHA256
8da313e45a206fec25907770fe737aa1a5dea1d5cd934924758401930a8c147f
-
SHA512
d7c26a7f8c944d03c80fe4415d1d6444de9d7e5be0ffd494026741535bb396aa9524c06a86b6103877b151f9219de23d9377a6ec07171b1708f6b4ae5f432733
-
SSDEEP
6144:iR+hrJ+j+5j68KsT6h/OCy5U9uAOVAXpwltBn3qw6:iRIN+j+5+RsqGGuoKuw6
Static task
static1
Behavioral task
behavioral1
Sample
8da313e45a206fec25907770fe737aa1a5dea1d5cd934924758401930a8c147f.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
-
-
Target
8da313e45a206fec25907770fe737aa1a5dea1d5cd934924758401930a8c147f
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-