General
Target: f8248a8cba20836e70d81d5f004018f32701a6c21a9c177cb83316955652a21d
Size: 270KB
Sample: 230925-fwfxvadh28
MD5: 251579f447a8bc4fc146b12edba6751b
SHA1: 0f14f14f8f7b66db96e13b6984acbc4b326654cc
SHA256: f8248a8cba20836e70d81d5f004018f32701a6c21a9c177cb83316955652a21d
SHA512: 68f21db9477755992f48fcddb4d820a32e6cf921064fc08c7f6de695a182f99227c25728ae7dc9e3dbe530befac6b8603d43c8c3cee920122277a80941bb6a7a
SSDEEP: 6144:qRKacMQ+j+5j68KsT6h/OCy5UKuAORgaw4Qw6:qRKh7+j+5+RsqGhucJw6
Static task: static1
Behavioral task: behavioral1
Sample: f8248a8cba20836e70d81d5f004018f32701a6c21a9c177cb83316955652a21d.exe
Resource: win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target: f8248a8cba20836e70d81d5f004018f32701a6c21a9c177cb83316955652a21d
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext