General
Target: aa61de6ebd02482cd16996c6f42ba8ab.bin
Size: 113KB
Sample: 231012-vlswzsfb83
MD5: e1caf55e766924866cca8e292f74eedc
SHA1: d276d8e0bff8e25e1818fbeaaa50a3f576572f75
SHA256: 16c4997daba8ab611ce14a28153658f87f936aa31974b796d0188faabaf50a4d
SHA512: 6d75ec821ad9ba889fce3434ec0bce5edfb256a02bd30368714db5c641556c60db6d1137dfe321b8cdef8ffbe1bd33ff614632763ec595929a5f8649c7e62f5c
SSDEEP: 3072:7jXz1J8AfTFUjk8mmb6khHcS914XXoJWoYBtL3umj1lwx:z1Jp7+Nmmb6k9H4HxtLes3wx
Static task: static1
Behavioral task: behavioral1
Sample: b54f42b5b0d19670960eb10c6789968a30df7e8532519b32d5ef33bf155fc034.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: b54f42b5b0d19670960eb10c6789968a30df7e8532519b32d5ef33bf155fc034.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
smokeloader
up3
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target: b54f42b5b0d19670960eb10c6789968a30df7e8532519b32d5ef33bf155fc034.exe
Size: 252KB
MD5: aa61de6ebd02482cd16996c6f42ba8ab
SHA1: dea6f794cf98f0084bf14916d956818169a36b76
SHA256: b54f42b5b0d19670960eb10c6789968a30df7e8532519b32d5ef33bf155fc034
SHA512: 2c638be845bd245db502abee66de6eac9a96348f2e9f81e43bcf648e14caba3d2f075f4f25261ed1ae9ae542f268d36a6214bc08fec958b6eb9e6d8d42c952e3
SSDEEP: 3072:ajHIbQtMJSCTEKvAw2P7bhICAgYGlA5XFAf0jDb+:aEEtMJNEYAw2TCgvcX2MD
Score: 10/10
Deletes itself
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext