General

  • Target

    955dd437c912b2bd1b8daed0a7a21f736c90270f80980fcd5f5dfac089a520e7

  • Size

    146KB

  • Sample

    221006-apsp6sgcal

  • MD5

    6b2f67249b6ad98d2b843d93761caf05

  • SHA1

    6a4df8fc9eb3fcb19d7a0ff3c10b3ec2caa97b62

  • SHA256

    955dd437c912b2bd1b8daed0a7a21f736c90270f80980fcd5f5dfac089a520e7

  • SHA512

    b226cecdff974dd7da474b73f30f0997c7fe44d639ac836cbc835101643373c52bbc35b12260deea6d79a150e84f72f5221855c8396d559e2be8086686ab5c8b

  • SSDEEP

    3072:OVUUHpvyhfWd7tMoUZCBCiU2sIFqW3NLTXO:0nJHNPBCiU2skNX

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry: T1012 (1)

  • Peripheral Device Discovery: T1120 (1)

  • System Information Discovery: T1082 (1)

Tasks