General
-
Target
05193c12562beb5de5f05ae6816c976f.bin
-
Size
190KB
-
Sample
240110-lsxdbadaer
-
MD5
05193c12562beb5de5f05ae6816c976f
-
SHA1
2c804f81e6949e2de30359d6085a7eef7b2457e6
-
SHA256
ea755384c6e3558710e6bc8833d51e09aff904c76ecfa751895b9948feff726d
-
SHA512
9241667e0476e386cbe89f67ae3eb09f4e023283297d567c39956f15497fdf74d1751832116137f11a2e8cb4d073fd3068ecfcc284db6e26263db7059cca60d0
-
SSDEEP
3072:t07gIqLEHi+cOtsLpAjPsXp0qCAfs5qtrpJrkG5RScg7:cgIqLKi+cCjPwlCL5qBM
Static task
static1
Behavioral task
behavioral1
Sample
05193c12562beb5de5f05ae6816c976f.exe
Resource
win10-20231215-en
Behavioral task
behavioral2
Sample
05193c12562beb5de5f05ae6816c976f.exe
Resource
win11-20231215-en
Malware Config
Extracted
smokeloader
up3
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
05193c12562beb5de5f05ae6816c976f.bin
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-