General

  • Target

    655ebb5eb2fee7a6d47f018eb57dd8f500de7e3407d546f8519feecc4d8cd345

  • Size

    146KB

  • Sample

    221006-bjkm2sgaf4

  • MD5

    ae7dc92ad4e8ab93ef42aea51e898544

  • SHA1

    c6ea4ba9076945c149c962e5a90aee32828c5044

  • SHA256

    655ebb5eb2fee7a6d47f018eb57dd8f500de7e3407d546f8519feecc4d8cd345

  • SHA512

    4a4362010bf75ddfaedfcabc3e8122b43d79dd43851a10f5b050783d960d30a59c933933fbe6ac87b93510598e976cb06f73ebea6e0ba8245d99f6b0838df6f8

  • SSDEEP

    3072:KR1j9C05bhfH+DVMrbWSu5P6rCyvVB8/PEa53pqtlnhS9WO:s3C0SDMu5P6rCYEMO3pqtloW

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Deletes itself

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry: T1012 (1 occurrence)

  • Peripheral Device Discovery: T1120 (1 occurrence)

  • System Information Discovery: T1082 (1 occurrence)

Tasks