General

  • Target

    da071be822f0aa91cdb02444fc7d9325ca1286a54e5a27b229e8399ba6f246e9

  • Size

    211KB

  • Sample

    221031-149kcadfa2

  • MD5

    a1d4e6587d8431e0a81638f149902b76

  • SHA1

    019de7868605c08188e4996618740a0779757591

  • SHA256

    da071be822f0aa91cdb02444fc7d9325ca1286a54e5a27b229e8399ba6f246e9

  • SHA512

    e77f02970a99286f37fea67846cfffcac89f7138f7d33179fbfb442fd5f882352cd71094b86e8d2a6ce70d5a0a79039447a5d5c738fdc55f1968065968ce0e6c

  • SSDEEP

    3072:keGKdu6zSMFOuYgLDeG6Myf5DdhWkfP/JUsqTV4dUGp5h8x:keRfznFOWLDeGyWSYYUe5G

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Deletes itself

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks