Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    144KB

  • Sample

    221128-f8alladg4w

  • MD5

    c1f8a4b2c2a1860ad80af57ea4669efa

  • SHA1

    e52436d8d8d9ff8a4e41668ac7f4e2f49e495126

  • SHA256

    df739f6af2b830e5494a89d291d6d75713383d015c2ac1b61c718d26270d1262

  • SHA512

    854be658964b6c4360ad58424f81c565e6958a74276e1d539358de554bd7c71fa9565b199cf3c5354432069dd49f10801fc08ec37e9e123f3820242c23d450b2

  • SSDEEP

    3072:wxzevrZuun1S+5nfxJv2CisQMuhJhuthLml/:+evQ41vlQMwhuW

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      144KB

    • MD5

      c1f8a4b2c2a1860ad80af57ea4669efa

    • SHA1

      e52436d8d8d9ff8a4e41668ac7f4e2f49e495126

    • SHA256

      df739f6af2b830e5494a89d291d6d75713383d015c2ac1b61c718d26270d1262

    • SHA512

      854be658964b6c4360ad58424f81c565e6958a74276e1d539358de554bd7c71fa9565b199cf3c5354432069dd49f10801fc08ec37e9e123f3820242c23d450b2

    • SSDEEP

      3072:wxzevrZuun1S+5nfxJv2CisQMuhJhuthLml/:+evQ41vlQMwhuW

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Downloads MZ/PE file

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks