Overview

overview

10

Static

static

438ce9fd58...cc.exe

windows7-x64

10

Resubmissions

19-11-2022 05:24

221119-f356bafb39 10

18-11-2022 14:50

221118-r7wm8ahf53 10

18-11-2022 14:29

221118-rtpyhshe89 10

18-11-2022 14:22

221118-rplqasdd9v 10

18-11-2022 14:19

221118-rmwgqadd8x 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    438ce9fd583ae339b35894e78a472e5351280827cb1037c252c64e186b1229cc

  • Size

    336KB

  • Sample

    221118-rtpyhshe89

  • MD5

    bdfcfdaea2f15e488af7f465eefb8f76

  • SHA1

    9edede4d3754baa79eb726275f9d10b4bc5a7973

  • SHA256

    438ce9fd583ae339b35894e78a472e5351280827cb1037c252c64e186b1229cc

  • SHA512

    4b18f277fd1a5439b98e3bb61a58ce890bb9125b7317517fc1596c18f1775125296c7cd948147398d6e312279b48b466fed4c3a689d6b485aae53764122dd732

  • SSDEEP

    6144:4pONwCMhMfMVDAFKUv7W148zZ+hp0fBa1nugw:hNuhMWDghVXhp0fQ1jw

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      438ce9fd583ae339b35894e78a472e5351280827cb1037c252c64e186b1229cc

    • Size

      336KB

    • MD5

      bdfcfdaea2f15e488af7f465eefb8f76

    • SHA1

      9edede4d3754baa79eb726275f9d10b4bc5a7973

    • SHA256

      438ce9fd583ae339b35894e78a472e5351280827cb1037c252c64e186b1229cc

    • SHA512

      4b18f277fd1a5439b98e3bb61a58ce890bb9125b7317517fc1596c18f1775125296c7cd948147398d6e312279b48b466fed4c3a689d6b485aae53764122dd732

    • SSDEEP

      6144:4pONwCMhMfMVDAFKUv7W148zZ+hp0fBa1nugw:hNuhMWDghVXhp0fQ1jw

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks