Overview

overview

10

Static

static

c10ebeb0d2...12.exe

windows7_x64

10

c10ebeb0d2...12.exe

windows10_x64

10

Resubmissions

24-01-2022 15:55

220124-tcsn7afch2 10

11-10-2021 17:18

211011-vvdteshga6 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c10ebeb0d29119a2a7177f857318d012.exe

  • Size

    337KB

  • Sample

    220124-tcsn7afch2

  • MD5

    c10ebeb0d29119a2a7177f857318d012

  • SHA1

    687672a6b2001376c192991c1b5237cf6467f393

  • SHA256

    4eb02a90be27af84c49a2f62da8e179e5117d82db4e25c7a2c80e2954583bdb3

  • SHA512

    447e1010864262bc642613b1f597507689d92353930a398bd85a24e2728ea7eb6ad75c413943966a5828422b380de2eff69725c0e5468125e2d9fa35a16df292

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://linavanandr11.club/

http://iselaharty12.club/

http://giovaninardo13.club/

http://zayneliann14.club/

http://zorinosali15.club/
rc4.i32
rc4.i32

Targets

    • Target

      c10ebeb0d29119a2a7177f857318d012.exe

    • Size

      337KB

    • MD5

      c10ebeb0d29119a2a7177f857318d012

    • SHA1

      687672a6b2001376c192991c1b5237cf6467f393

    • SHA256

      4eb02a90be27af84c49a2f62da8e179e5117d82db4e25c7a2c80e2954583bdb3

    • SHA512

      447e1010864262bc642613b1f597507689d92353930a398bd85a24e2728ea7eb6ad75c413943966a5828422b380de2eff69725c0e5468125e2d9fa35a16df292

    Score
    10/10
    smokeloaderbackdoortrojan

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Deletes itself

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks