Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    191KB

  • Sample

    221201-yyasqafh74

  • MD5

    0e59d0f0fe592cdde1355728f4319d82

  • SHA1

    887daf1a12c812f096c2314cf81219ec7885df35

  • SHA256

    25b8e3ad00c54de80c6ead3827b0a17374430bb82bdb5618b9889d5764831663

  • SHA512

    07e8e8570ebf8acecdbb937b72b30e74231bf48d2f5d8b3e15a92a99813f45f25f791b4c4bb02133227ebdc06d68977c6730c6be81156453a3e2f69db2254bf8

  • SSDEEP

    3072:S9J3XId0c6Tc5p8yJwuiiy+gyEn8rCArIikwDAbEaqgqMfu:cA0BGIiyTf4CAGNEavfu

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      191KB

    • MD5

      0e59d0f0fe592cdde1355728f4319d82

    • SHA1

      887daf1a12c812f096c2314cf81219ec7885df35

    • SHA256

      25b8e3ad00c54de80c6ead3827b0a17374430bb82bdb5618b9889d5764831663

    • SHA512

      07e8e8570ebf8acecdbb937b72b30e74231bf48d2f5d8b3e15a92a99813f45f25f791b4c4bb02133227ebdc06d68977c6730c6be81156453a3e2f69db2254bf8

    • SSDEEP

      3072:S9J3XId0c6Tc5p8yJwuiiy+gyEn8rCArIikwDAbEaqgqMfu:cA0BGIiyTf4CAGNEavfu

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks