General
-
Target
4a312d9b5d2ad81ce5da704369f201268fda30a8274136c3595767203e463e9d
-
Size
1.6MB
-
Sample
240429-fl54zsbd6z
-
MD5
7a1a1ef5364d1de84ccda20479a6be66
-
SHA1
4141826fdaf7c15e6ee2f23ea0bdc2c5ef1e09ae
-
SHA256
4a312d9b5d2ad81ce5da704369f201268fda30a8274136c3595767203e463e9d
-
SHA512
7d2cf5b4894af33c56497883b6dc9d0d69ce6beb7bc6615ee2ad0b3bf1467b4e6080ca570cacd112dd011e2764b0bd663a3d05d0a72462cbbbbf49a05a7cca36
-
SSDEEP
24576:kmZ+I9s6x+YxgS7WvwCB06006XU6DixBQuGmTm:kmZ+Iqyri2NCBL6XU6mbQrm
Static task
static1
Behavioral task
behavioral1
Sample
4a312d9b5d2ad81ce5da704369f201268fda30a8274136c3595767203e463e9d.exe
Resource
win7-20240419-en
Malware Config
Extracted
smokeloader
pub3
Targets
-
-
Target
4a312d9b5d2ad81ce5da704369f201268fda30a8274136c3595767203e463e9d
-
Size
1.6MB
-
MD5
7a1a1ef5364d1de84ccda20479a6be66
-
SHA1
4141826fdaf7c15e6ee2f23ea0bdc2c5ef1e09ae
-
SHA256
4a312d9b5d2ad81ce5da704369f201268fda30a8274136c3595767203e463e9d
-
SHA512
7d2cf5b4894af33c56497883b6dc9d0d69ce6beb7bc6615ee2ad0b3bf1467b4e6080ca570cacd112dd011e2764b0bd663a3d05d0a72462cbbbbf49a05a7cca36
-
SSDEEP
24576:kmZ+I9s6x+YxgS7WvwCB06006XU6DixBQuGmTm:kmZ+Iqyri2NCBL6XU6mbQrm
-
Detect ZGRat V1
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-