Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    174KB

  • Sample

    221125-mm8ptsah78

  • MD5

    f065b78850b011e6ab99cd2aa5c38eec

  • SHA1

    bbb9cb0f7a1cf891b35dfdb4a1bfb8c7377cd3b3

  • SHA256

    afafd19335dd016d44d67a06b437a936c978fa0b32e79a7bbea437d2718b59d9

  • SHA512

    86251fb2445c59a68c3185ea982185b96c85f17c393316894917cf003c03a72c8ebcadaf54564a0b0a1f9405726d63d4e2b3c09b2407b343e93ee9c0bac497d5

  • SSDEEP

    3072:8ID7ZwBrmLwWzXJ15paRwq/+s/6Va5w86Ac28t8a+W:/mBaLwWDuSA6DAc28qW

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      174KB

    • MD5

      f065b78850b011e6ab99cd2aa5c38eec

    • SHA1

      bbb9cb0f7a1cf891b35dfdb4a1bfb8c7377cd3b3

    • SHA256

      afafd19335dd016d44d67a06b437a936c978fa0b32e79a7bbea437d2718b59d9

    • SHA512

      86251fb2445c59a68c3185ea982185b96c85f17c393316894917cf003c03a72c8ebcadaf54564a0b0a1f9405726d63d4e2b3c09b2407b343e93ee9c0bac497d5

    • SSDEEP

      3072:8ID7ZwBrmLwWzXJ15paRwq/+s/6Va5w86Ac28t8a+W:/mBaLwWDuSA6DAc28qW

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks