General

  • Target

    7ca1e947058c5fd727b73b87834cddf260c1afe4ce89a9707cf4d03eeffc2285

  • Size

    147KB

  • Sample

    221006-awglgsgac5

  • MD5

    18a143c262d797a8af69490342be6dcd

  • SHA1

    10316739640f41776cc938ba0c9b9029f55b3326

  • SHA256

    7ca1e947058c5fd727b73b87834cddf260c1afe4ce89a9707cf4d03eeffc2285

  • SHA512

    d85a6cbd2c55681d31acb7a5e4353eaefe476197b4ed54e83e34e78eea0f5837c5643db76ef0086e7d77055ccb6f2119f2225eb4af95969bb9f1546f34c08794

  • SSDEEP

    3072:6tQxHgehf9oUu8HmyLznBtdYlLfMz/z0jQA58/O:cg6PgDLVyLfMz/ojQM8/

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012), 1 hit

  • Peripheral Device Discovery (T1120), 1 hit

  • System Information Discovery (T1082), 1 hit

Tasks