Overview

overview

10

Static

static

db29df4017...9a.exe

windows7-x64

10

db29df4017...9a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    db29df401759b04c63feffd4a006d88838ff0b5cb0aed4927848d02d34e8b49a

  • Size

    193KB

  • Sample

    221202-ydeaeagc85

  • MD5

    e2f871e6c458de93f1ce419a0f9ba83a

  • SHA1

    75bc7a4a827e95fb875c5ad98663d0a2f04b3ad1

  • SHA256

    88fc34ee531cc85690b2ca0529e9a78e2e3b1d80389b6efb4ccfb2d2624f7b93

  • SHA512

    d72cc987f00b502e7a5179d1c0d1ece84cb7403db72ea8617ab1012394f55ffe9ca83bfad868528f497e6d4061c7adc27e42d532684cdc87ed70ff53b58e5ec4

  • SSDEEP

    6144:NtBgQ6U1jIFlkkCVCwuQOjlQtJ+1eM/sA38ymw241:HWF6IFlkkOCwuQ0y+1HTMyz1

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      db29df401759b04c63feffd4a006d88838ff0b5cb0aed4927848d02d34e8b49a

    • Size

      349KB

    • MD5

      128fcd80c9339efc2b38340b6a16303d

    • SHA1

      3f3a2122558510f86b3b3032e47717f6aa089a6e

    • SHA256

      db29df401759b04c63feffd4a006d88838ff0b5cb0aed4927848d02d34e8b49a

    • SHA512

      4d6e8ac7f904083c3b18b6d5a9b97292c3ccdc1b1be2db49314275da04e0de9937ffdc0a7fe0c767cb2dcc764ae49e29359d1c562942d9a346b742a2b7d140ca

    • SSDEEP

      6144:b95I8LKAiVEpPBFTRhCndOuOTcLYoleyuHuRjMgU:bPnAVEn+OPcLYhyBRQg

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks