Overview

overview

10

Static

static

929882be0f...c8.exe

windows7-x64

10

929882be0f...c8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    929882be0fa5b77a571251f3698d0bc8.exe

  • Size

    301KB

  • Sample

    221123-hs782aed43

  • MD5

    929882be0fa5b77a571251f3698d0bc8

  • SHA1

    065434ea50364cfb31727af153bc887e33a8c8a4

  • SHA256

    082a06d914150e8388b803745507a56f8387d6f3dea943f44525e58955de9019

  • SHA512

    ad8d4344debc2c7a78d45bc98aeee7d1be04197e0e7d35a7cbf8742575cd04a9e79f2c375512306a5d2af9b20a37425239480d0db4417145981bb03baab9f0b8

  • SSDEEP

    6144:ia7t2SlY1ZvPhn4Tfxq+TZ2KNauCflrX4lO6fE6Nn:t8Wyv14TfxJdcuQlrDJ6N

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      929882be0fa5b77a571251f3698d0bc8.exe

    • Size

      301KB

    • MD5

      929882be0fa5b77a571251f3698d0bc8

    • SHA1

      065434ea50364cfb31727af153bc887e33a8c8a4

    • SHA256

      082a06d914150e8388b803745507a56f8387d6f3dea943f44525e58955de9019

    • SHA512

      ad8d4344debc2c7a78d45bc98aeee7d1be04197e0e7d35a7cbf8742575cd04a9e79f2c375512306a5d2af9b20a37425239480d0db4417145981bb03baab9f0b8

    • SSDEEP

      6144:ia7t2SlY1ZvPhn4Tfxq+TZ2KNauCflrX4lO6fE6Nn:t8Wyv14TfxJdcuQlrDJ6N

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks