General

  • Target

    9e660276992caac71a4b1bbd2ea70da83a56a92227293b5e33aca4f2acb0d2b4

  • Size

    289KB

  • Sample

    220908-llkqyabdcq

  • MD5

    0744e337c22fa000f199a6778bd5f9a0

  • SHA1

    aa1212b6fd05449bb0e5c0a99af8dde113f95b9d

  • SHA256

    9e660276992caac71a4b1bbd2ea70da83a56a92227293b5e33aca4f2acb0d2b4

  • SHA512

    1306999fc1dd84352181e36373af1c7df4590dc1e4ecc601beacfb9460679fbffd91168b78875a48c518aba875e4a4da6cbad805d90f7d28d94ec5f6f3b2a47f

  • SSDEEP

    6144:whnwT5/goQoAD9TsYqMRbpoJcJnBU0wsyHjWL5uIxX8f+DW:bTioQoAFLqMRbpfBU0wsujw59sf+C
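
Before detonating or sharing a copy of this sample, check that the file on disk is actually the one the report describes. The following helper is an added example, not code from the report or the sandbox vendor: it recomputes the four fixed-length digests listed above with Python's standard `hashlib` and reports which ones disagree with the report. The `REPORT_HASHES` values are copied from the page; the SSDEEP fuzzy hash is not in the standard library and is not checked here.

```python
import hashlib
import sys

# Digests copied from the report above. Only algorithms available in hashlib
# are included; the SSDEEP fuzzy hash needs the third-party ssdeep library.
REPORT_HASHES = {
    "md5": "0744e337c22fa000f199a6778bd5f9a0",
    "sha1": "aa1212b6fd05449bb0e5c0a99af8dde113f95b9d",
    "sha256": "9e660276992caac71a4b1bbd2ea70da83a56a92227293b5e33aca4f2acb0d2b4",
    "sha512": (
        "1306999fc1dd84352181e36373af1c7df4590dc1e4ecc601beacfb9460679fbf"
        "fd91168b78875a48c518aba875e4a4da6cbad805d90f7d28d94ec5f6f3b2a47f"
    ),
}


def digest_chunks(chunks):
    """Hash an iterable of byte chunks with every algorithm in REPORT_HASHES.

    Feeding chunks lets a large file be hashed without loading it whole; the
    result is identical to hashing the concatenated bytes in one call.
    """
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> dict:
    """Convenience wrapper: hash an in-memory byte string."""
    return digest_chunks([data])


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file on disk in chunk_size pieces (1 MiB by default)."""
    with open(path, "rb") as fh:
        return digest_chunks(iter(lambda: fh.read(chunk_size), b""))


def mismatches(actual: dict, expected: dict = REPORT_HASHES) -> list:
    """Return the algorithm names whose digest differs from the report.

    An empty list means every listed digest matched. Comparison is
    case-insensitive because report pages differ in hex casing.
    """
    return sorted(
        name
        for name, want in expected.items()
        if actual.get(name, "").lower() != want.lower()
    )


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>
    if len(sys.argv) != 2:
        sys.exit("usage: verify_sample.py <sample>")
    bad = mismatches(digest_file(sys.argv[1]))
    if bad:
        sys.exit("hash mismatch for: " + ", ".join(bad))
    print("sample matches the report's hashes")
```

A mismatch in any one algorithm is enough to treat the file as a different artefact; a partial match would indicate a collision rather than the same sample, so the script refuses on any disagreement.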

Malware Config

Targets

    • Target

      9e660276992caac71a4b1bbd2ea70da83a56a92227293b5e33aca4f2acb0d2b4

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks