General

  • Target: 53ac0ae8ae39a472c23c6be9f0235f4bfe11a30ebc90e93a7ebba046302f5fbe
  • Size: 105KB
  • Sample: 221129-y3m9lsfh3y
  • MD5: 1eb72e2936feb209d301175a626d40c9
  • SHA1: bf70d226eae08eb56d9bda5b843b3f4878362805
  • SHA256: d15775edebbc069295918a80909e7bd62bdf778d3229156b127707aa251eac3e
  • SHA512: ba31a5eb563a48a68dd3cb3aa5fc10ba2b979e7175f75debdc3cc0ccb5d6b69e80c184b0c8937a39a356e3148649e6d8fa03f046e8a197faf658880dc80ee34b
  • SSDEEP: 1536:Vk/4cz1YJWxM3F5Iw3K0LOqgffJ3nTcdbFkjLt3dBu7Ua0JtBSvgMMjnRF:VknZM3gw3KVqgfBnUyPt3b5aE8vgT7

Malware Config

Targets

    • Target: 53ac0ae8ae39a472c23c6be9f0235f4bfe11a30ebc90e93a7ebba046302f5fbe
    • Size: 147KB
    • MD5: 646178bbbc79efd73945789cb60bc4be
    • SHA1: 37e74281e5d21d33aaa713965045beadea1cdd95
    • SHA256: 53ac0ae8ae39a472c23c6be9f0235f4bfe11a30ebc90e93a7ebba046302f5fbe
    • SHA512: f23169bbcd27b687c62aab854a08381cb052ab3755e1f9774e37cec4ae9d50827475df8e7cce0325908daeb6d52437909618ac281aeef6d04dd92c7f6f46280b
    • SSDEEP: 3072:e2s7PaCvJSVUn5TEuKHqTJaHSHAtmzpviVjX/:SWCvJSVJvqTIHQAszp6

    Signatures:

    • Detects Smokeloader packer
    • SmokeLoader: Modular backdoor trojan in use since 2014.
    • Downloads MZ/PE file
    • Executes dropped EXE
    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tactic    | Technique                    | ID    | Count
----------|------------------------------|-------|------
Discovery | Query Registry               | T1012 | 1
Discovery | Peripheral Device Discovery  | T1120 | 1
Discovery | System Information Discovery | T1082 | 1

Tasks