General

  • Target

    8b445dbba6cf58d11b6628e53cef4a27f16608bdbd9265ad44af3485926dae15

  • Size

    145KB

  • Sample

    221129-1l1jqaaf59

  • MD5

    a73ec0c1c9d5850b118a74d44abe713a

  • SHA1

    126811155557bfc9ab43d4d98e161d91c9c0e6f4

  • SHA256

    8b445dbba6cf58d11b6628e53cef4a27f16608bdbd9265ad44af3485926dae15

  • SHA512

    a06402a0c02987ac2d03f50c00eb87bd24fbbcf183e48746d3c604bf2354ede25702914b7455d09684424464f7d86cfda3a1199ae907e38529b77047107dd0bf

  • SSDEEP

    3072:8DPAbX4wj9A2PUp5Tu3h9BQ9Ov1jSduqUH9i+1OH4c5PSI:qy4UA2uux9BQ9CSduqUd3sKI

Malware Config

Targets

    • Target

      8b445dbba6cf58d11b6628e53cef4a27f16608bdbd9265ad44af3485926dae15

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1