General

  • Target

    5947a20adc3e785baaba02f8dbeb489f9d9e6b2c669a38cdd99f665f3d21d80e

  • Size

    169KB

  • Sample

    220923-hdjl5addc8

  • MD5

    58ccf6667aae844634480ea231a3679f

  • SHA1

    d30bf4687d435ff87e935156919ba793818150a0

  • SHA256

    5947a20adc3e785baaba02f8dbeb489f9d9e6b2c669a38cdd99f665f3d21d80e

  • SHA512

    1c5a21dcb7bcc120d2a1d0e4d9f4117fd3146f3742679217c54336719e18b597aeba86436384b2e08fbaa155998a31568a4a8e860daf7b67870b572ec04492a2

  • SSDEEP

    3072:tK8LjEr5Ms7rWG5D3GWHGteBBhYd0B/n/PkWDn:jLIKs7rWC3JOG

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1

Tasks