General
-
Target
378a0517d54f3474d66179b49fefcd080e062926a8ce769e30f943f76730c942
-
Size
129KB
-
Sample
240417-sbfgssef3z
-
MD5
cde60b9706f4e5d9c4dfc68816ad3a40
-
SHA1
0dba33917605b19f6f4ffe49484c780a9ef21e65
-
SHA256
378a0517d54f3474d66179b49fefcd080e062926a8ce769e30f943f76730c942
-
SHA512
f4aef5eca01e814f31d83ce6f38714cec1b5cd717785d49358d363b9eae0d4f9e2ddb726625b3ec096892cbea9f20f2b0b06b425a53896278f923e929bd8e17e
-
SSDEEP
3072:nSWVFdCo0zXafyvo/xZJpAFW1SpY5pX8Je:PJCXXaTPAU1j5pMJe
Static task
static1
Behavioral task
behavioral1
Sample
9c98f0f798b53d28919e7c8f7331619c509e24045d1f4dd192f86f2a6115d483.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9c98f0f798b53d28919e7c8f7331619c509e24045d1f4dd192f86f2a6115d483.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
9c98f0f798b53d28919e7c8f7331619c509e24045d1f4dd192f86f2a6115d483.exe
-
Size
203KB
-
MD5
7b2592bee2a2b4cfb28502892c619612
-
SHA1
c4477fef847e926783d54efb7c577fdb8d2407f9
-
SHA256
9c98f0f798b53d28919e7c8f7331619c509e24045d1f4dd192f86f2a6115d483
-
SHA512
c9527802e2d80f8f226471fc1d0791dea2efc29e51eba03c2525defc6d6be41e8b8f2bcf1ecf30c543a9476d520ef53ab898b912a1a69086b83cc0bb5d28c1fe
-
SSDEEP
3072:dDoO2LbVS5fgevom6PJiMrt+NqaDD3LP2uHv49GriBditdi16kwxZRUiaD:S3LbfGMTI3LPJPqG2Bkeia
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-