General
Target
9a3687187fa22e3781286b027835c8fe043b71d5826303c60ccdc513d5f992a8
Size
270KB
Sample
230925-fzpddsdh37
MD5
6598e98bb1edbafbe4603e85eae01c4d
SHA1
e130da58c07bc5c2cee451b16070233bf4acae7e
SHA256
9a3687187fa22e3781286b027835c8fe043b71d5826303c60ccdc513d5f992a8
SHA512
4719101c4c134e1d3e62995d59bccf6bd4cbd0b1e6d6a5302928627c3a745dc580fcb7f456224cac4528edbdfb65dab581a7e4ba2bca92393391aebba221140e
SSDEEP
6144:FR9hrJ+j+5j68KsT6h/OCy5U9uAOIAwdvqw6:FRTN+j+5+RsqGGu7/w6
Static task
static1
Behavioral task
behavioral1
Sample
9a3687187fa22e3781286b027835c8fe043b71d5826303c60ccdc513d5f992a8.exe
Resource
win10-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target
9a3687187fa22e3781286b027835c8fe043b71d5826303c60ccdc513d5f992a8
Score
10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Suspicious use of SetThreadContext