General
Target: b290e30290a9ed3bd4f931403258a43c3b326a183311a29478e6a822ca543a4a
Size: 270KB
Sample: 230925-gj18pace7x
MD5: 466af5c3b701fed7d0ba563dc2983732
SHA1: 6cb9f475516225f28d734e174151023269a707ed
SHA256: b290e30290a9ed3bd4f931403258a43c3b326a183311a29478e6a822ca543a4a
SHA512: 373832505a617347d1075930d060c220d2ce9a31aacd59382555e6fa75b92ae2624f83c56aaa3b3aad35e6c8df8d8586211523ced585416f1b2660bfb83ee5bf
SSDEEP: 6144:rRkhrJ+j+5j68KsT6h/OCy5U9uAOCAequqw6:rRKN+j+5+RsqGGuVesw6
Static task: static1
Behavioral task: behavioral1
Sample: b290e30290a9ed3bd4f931403258a43c3b326a183311a29478e6a822ca543a4a.exe
Resource: win10-20230831-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext