General

  • Target

    6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e

  • Size

    186KB

  • Sample

    221123-mjbkxseb77

  • MD5

    86258109b64426739cbb78a699adfc9f

  • SHA1

    23434fc20f891b98a437cb90a8e696d463696345

  • SHA256

    6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e

  • SHA512

    1c8b6b7b58ef8411f6e46d09cf71aabed0d61efa1308fcbe28ed59d1ae47783b9bf805c79af08d756f4cd7f8af1c6abed1bb1a6b7b710ebf1d3af82088164cd1

  • SSDEEP

    3072:Zql9+/GkLhsSmYW6KO5kf3b8qsEOhuo4N/YAnoxHH:YlQLhsSmYZWnsEOko4N/YAnW

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Deletes itself

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks