General
Target: 6080b64c76f77256cd15adad98e5fc85869586e069fccdb9d1477476acdb310b
Size: 151KB
Sample: 240417-sa2zeadb48
MD5: 0a08e8a8f1add68cf51e9bc153218cee
SHA1: d4237d7da204ed392316665b18617c87d2364698
SHA256: 6080b64c76f77256cd15adad98e5fc85869586e069fccdb9d1477476acdb310b
SHA512: 64e693535175189447efcd33515a72cd3afaf67e533e2038ff90a69106b5ed2f6f2a3525940b9e00e96db3ab19b14889483c0134b6d49b271a28356a87b228d9
SSDEEP: 3072:PbwDb3GDgKKhsUP/B1Ptml7z70aXMcLk1ykh3zbkhj3n6B9/fn+RRW/wJyiMhG:wb3GDgKKXP/B1PC3AwMcI1Lh3H0mpfch
Static task: static1
Behavioral task: behavioral1
Sample: cedd6842dc8e5b7b943cba42c7b1229e71963dfc5c47c52165947adb1287248b.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: cedd6842dc8e5b7b943cba42c7b1229e71963dfc5c47c52165947adb1287248b.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
smokeloader
up3
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
Target: cedd6842dc8e5b7b943cba42c7b1229e71963dfc5c47c52165947adb1287248b.exe
Size: 239KB
MD5: 8a5998ead64eeb32576a01030d890393
SHA1: 5cd5662226bd724a136627834e2b1beacdb951a0
SHA256: cedd6842dc8e5b7b943cba42c7b1229e71963dfc5c47c52165947adb1287248b
SHA512: 85387bd3ff646c17666dfd850e698654eafde9708de53b3b51e74f40e69e5afe76e40edaa25b0771f8d7594c5dd9aaa6626901a6f3ffdf424ae60d32e995142b
SSDEEP: 3072:rfULUw/frbCOs7FHrG1d7nQ3At2ui0gjLM+LgeRp:rfULzfSOaFUdOI8IGge
Score: 10/10
Deletes itself
Executes dropped EXE
Suspicious use of SetThreadContext