General
-
Target
be1c79275d836696a00b258d15a8b337a8c9beb8198a5bd3d5aaf64d660c8005.exe
-
Size
241KB
-
Sample
240725-gf3x4s1hnk
-
MD5
1d71d802fb38181c29a9844716b11ab2
-
SHA1
9039f711a6d9f709329a80176a2dd4db023e9188
-
SHA256
be1c79275d836696a00b258d15a8b337a8c9beb8198a5bd3d5aaf64d660c8005
-
SHA512
daa43a543385efac11534c9646859373667c954448eb3ac9f0ed533777c3218c78a9e8c7710d38cdfb6898faf358a3db19212f2ff9aff002d3f625e9ab348062
-
SSDEEP
3072:8bKK0udcEAuWCFKmWi6SGF5HsFbzkGCH:uxCERWThJstF
Static task
static1
Behavioral task
behavioral1
Sample
be1c79275d836696a00b258d15a8b337a8c9beb8198a5bd3d5aaf64d660c8005.exe
Resource
win7-20240705-en
Malware Config
Extracted
smokeloader
pub1
Targets
-
-
Target
be1c79275d836696a00b258d15a8b337a8c9beb8198a5bd3d5aaf64d660c8005.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-