General
-
Target
0d60f1b8aec8c0e0b5b9304fb6d7af7580802f65e3b9e0de043faa54240e8dac
-
Size
152KB
-
Sample
240417-sazjaadb45
-
MD5
0b1324bf98988b0fdba9a7d3fdd4c06a
-
SHA1
9ad3caf475e25661140cf49bcd6aa3d41a5db6b6
-
SHA256
0d60f1b8aec8c0e0b5b9304fb6d7af7580802f65e3b9e0de043faa54240e8dac
-
SHA512
4ef4e9459e56f6ef6e54bfba902cf5e04adedb3a1c42151b9ba9a9fdbfc439ff2d525b76176a68e94202ca39723fffea2c587045566e1495d25669e7223e42fb
-
SSDEEP
3072:U+6h6aLyDVpsdk7XBEfQtHFRhjlSdbPT0E45VuG9fNM:U+6h6RDzsiBEItljl4bwEirS
Static task
static1
Behavioral task
behavioral1
Sample
a8905ed9ed1f5b9d74cee3da53ebc0a21af8cbcbf86504ac52f4234cc54c60e1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a8905ed9ed1f5b9d74cee3da53ebc0a21af8cbcbf86504ac52f4234cc54c60e1.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
a8905ed9ed1f5b9d74cee3da53ebc0a21af8cbcbf86504ac52f4234cc54c60e1.exe
-
Size
240KB
-
MD5
a70beab441000bc91a25aae31cd41f62
-
SHA1
a699eb42f5554c1239ea1fa7cce7dff7dedbed20
-
SHA256
a8905ed9ed1f5b9d74cee3da53ebc0a21af8cbcbf86504ac52f4234cc54c60e1
-
SHA512
455d61785100673a2c4078bf360f18ce4429f5d6b37e4d1ea5416b3c9cf2cfa868eea70246d62a94bf8b786a6e3d748db2828aaf5e15a016c91760c8741d671f
-
SSDEEP
3072:mfULUw/RZ6NlXJLJd/77ai8biDLtKJVoujY+ZIgvLufhgeRp:mfULzRZ6zXJLJd/77pwMmVTYgege
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-