General

  • Target

    417b8c94feeedac6abc847f4dc2bdc70b08b8b1d4d1df49c6c47729cc544e0a2

  • Size

    196KB

  • Sample

    220924-qga36abce9

  • MD5

    83efa151196f3eace4e4eb50c4dda39e

  • SHA1

    84a443a408c8cb9dead9b5e9157919369acd4f19

  • SHA256

    417b8c94feeedac6abc847f4dc2bdc70b08b8b1d4d1df49c6c47729cc544e0a2

  • SHA512

    d6f647c1a4166a8b2d48fe0ebf502f599c2af93c727dad78f4200b804be5e135c6601cce30419d15e440586734f48e71f6e5778aa6317e2d3e80840de3d05cba

  • SSDEEP

    3072:/15CL6BLMAbb5kT/tifDyUd5q+TIEQcbBxF/Pkk4x:qLmMNTVi2Ud5pf

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Deletes itself

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks