General
Target: db7af89cb34f058907cee0f8b830d888e5589138c562db3b391fa61e74add004
Size: 160KB
Sample: 230925-hjfsesec72
MD5: 2a89b2f46ae186bbba366679235a8728
SHA1: 12b7446c6972ef6db773f5acd95bb8d34e836cda
SHA256: 7623024e5420841bab38565affa7a02d57e17982d2e542aa214637b846a8fc4f
SHA512: cd0584d78bd4fc0a729450c6c8919772411e929db8ef30104abd895ab018cc5ea29c06ef72ac17a79adf451f5a0062fb0310b3d0ff60df9af8f0e23ba4eeed04
SSDEEP: 3072:W+f+chS36BcaZ08uU7+q4Z7ZFzw0M+5xHdm/2uA+mOPZReF9k:bf+4SKBcae8MqUj0ExHdm3A+mOP/
Static task: static1
Behavioral task: behavioral1
Sample: db7af89cb34f058907cee0f8b830d888e5589138c562db3b391fa61e74add004.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: db7af89cb34f058907cee0f8b830d888e5589138c562db3b391fa61e74add004.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Targets
Target: db7af89cb34f058907cee0f8b830d888e5589138c562db3b391fa61e74add004
Size: 270KB
MD5: 4f3d155a8dd309a98f9ec662f3ac34f1
SHA1: 4dcdf0ac10d100f4fba2d9da29fa13d9d818e9bf
SHA256: db7af89cb34f058907cee0f8b830d888e5589138c562db3b391fa61e74add004
SHA512: 3271244f3db0ca714bf3df564fde0ab80f7f38fa2b083ac1d97eb08a34608b87bac4916c3bb4347a220fb98a150ad6376af6a74039f133148a654d4b6a231bc7
SSDEEP: 6144:hRIhrJ+j+5j68KsT6h/OCy5U9uAO4A7DtfFdoqw6:hRuN+j+5+RsqGGuLPzw6
Score: 10/10
Executes dropped EXE
Suspicious use of SetThreadContext