Overview

overview

10

Static

static

929c37c342...03.exe

windows7-x64

10

929c37c342...03.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    929c37c3420e590dc30fbe36f02be6fded8646d2bb770a3bbb2a5b6a67188203

  • Size

    105KB

  • Sample

    221129-3n584acf9z

  • MD5

    68481775033f2b9bfa7e6ab4580ad377

  • SHA1

    c2057efda9ed2dc8ba73930ebb8b705cf0eb53d6

  • SHA256

    b37656f12090a248ae78131a2bbc6e4650ed3bd553815b07dcc5e2b3bf8ce648

  • SHA512

    5de80f69c717459fb18d2bfab5ee5781e182b6cdb086c7a4f55a4bd62d8da2a7e7fe54e93de1ecd531d5776b871e6e20c7cdf32a5827aae4102a484acac5fad9

  • SSDEEP

    3072:zdirqoWSeH++0r8QzcNUi8aZaVfmm6NQ9+57EpzP6t:J9Hp0jwN3rG+yw78bg

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      929c37c3420e590dc30fbe36f02be6fded8646d2bb770a3bbb2a5b6a67188203

    • Size

      147KB

    • MD5

      bf8690dc254f0d955aa4cf09dd5696a6

    • SHA1

      a19f4a8c747dae2a7eee5ae2dcf52d61f6c2423e

    • SHA256

      929c37c3420e590dc30fbe36f02be6fded8646d2bb770a3bbb2a5b6a67188203

    • SHA512

      d5c9b0857404f80f98614c60900fa08a4eda00a00f7f811193deecd41b5dc67b391aebe94946755d9174619b0f86790a607c76997b651b9eac95845d5f6c07b8

    • SSDEEP

      3072:5hvGjHvMf2v5asBB6qoZ+TV4QZjY6Mg+hA+x:jyHUfHs/6TQVdZjYjgCAo

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks