General
-
Target
toolspub2.exe
-
Size
254KB
-
Sample
240205-gq9teacbc8
-
MD5
19aa57c4de1039b18b1adde011f3cffc
-
SHA1
62b7b08e21732672a1e7d906309807cb1f3980dc
-
SHA256
cf83752d5ae453dafb33548ca0cae2ec5489219283929f783ee654acbd3946ab
-
SHA512
8d41147ea2ace77a24903cf37817fcbbfe89340d8524e9f6fb4c3a7549ef77ec6b21df9ed180671b84e1df197c1dead0f4fee4be717dcf407e098962b94cb509
-
SSDEEP
3072:f9xGvQSRTii/IvRKxYX/wH28MdKvkipabTRS9R6ZSxEd/p/4CY/:r9S4iAieINvkiB9R6ZcCG
Static task
static1
Behavioral task
behavioral1
Sample
toolspub2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
toolspub2.exe
Resource
win10-20231220-en
Malware Config
Extracted
smokeloader
up3
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
toolspub2.exe
-
Size
254KB
-
MD5
19aa57c4de1039b18b1adde011f3cffc
-
SHA1
62b7b08e21732672a1e7d906309807cb1f3980dc
-
SHA256
cf83752d5ae453dafb33548ca0cae2ec5489219283929f783ee654acbd3946ab
-
SHA512
8d41147ea2ace77a24903cf37817fcbbfe89340d8524e9f6fb4c3a7549ef77ec6b21df9ed180671b84e1df197c1dead0f4fee4be717dcf407e098962b94cb509
-
SSDEEP
3072:f9xGvQSRTii/IvRKxYX/wH28MdKvkipabTRS9R6ZSxEd/p/4CY/:r9S4iAieINvkiB9R6ZcCG
Score10/10-
Deletes itself
-
Suspicious use of SetThreadContext
-