General

  • Target

    de470ceb68745896c933ce43c900dd01f74f34eb79a5c3b3ed96142dd11609b5

  • Size

    273KB

  • Sample

    221205-y6e3eaga6v

  • MD5

    b424a9e0b478cf29218981e7e07b1ca2

  • SHA1

    666d778d576f3ce82815ea7f5371189aff2943e6

  • SHA256

    de470ceb68745896c933ce43c900dd01f74f34eb79a5c3b3ed96142dd11609b5

  • SHA512

    2a70959b56c48d6d9780a167a75fc6f6ad38eccbe835ed778e153a82e81d173303804c2b74d48e69f01ad19565becbf15ed5488667dfe10dce628c2c75f7ae85

  • SSDEEP

    3072:1x2XV3IYHEPvDR2kXFCWn5LblwlLucKofWT05nMEeCiVRvJTcp3qEThYgV2qs64C:1xe22kXFFyxKouT05MEeCIDc/VS

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks