Overview

overview

10

Static

static

437d181f10...4e.exe

windows7-x64

10

437d181f10...4e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    437d181f10e1485d07e63b4769ebe20038c5761ce902da877ee8041fe5e6384e

  • Size

    176KB

  • Sample

    221206-c45pdscc21

  • MD5

    2098ec574aaefd1d3dda13def783185d

  • SHA1

    27dc2dc4f970807a4e1188366d51ac0a4b485420

  • SHA256

    9218b6c8e34005e20c0b967b08e01cfffe0e077a74dfba3770f519d22097329e

  • SHA512

    759f27446f5feada1fef447d25acc2d828b7880b99a4dd415fc8569a7c5e98c038693a28f966896a399a22bd0a18d4fac1be83f33089abb5f84205c9129e9f6c

  • SSDEEP

    3072:L8ohlHXtMKyrO9yDv+wDK5xOP+O+CVxzJYaAGbR0OE1zapTxw37psck:gordMK2v+cK+mONzJ3bN0OaKeGck

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      437d181f10e1485d07e63b4769ebe20038c5761ce902da877ee8041fe5e6384e

    • Size

      274KB

    • MD5

      19410966916cfb55e91775736c7375db

    • SHA1

      2f0908ccaa8f02c90ef15fdc4677ed6b30c37803

    • SHA256

      437d181f10e1485d07e63b4769ebe20038c5761ce902da877ee8041fe5e6384e

    • SHA512

      06a1f7e91d40d3e03de072ee748e94f497eac8a848079fc4e8a6d77bd60e20bac00a5d193a3c5d08fe125bba696d8deab242dd6f268076925c90e73bc6c724bc

    • SSDEEP

      3072:yJk2XV86Yb9L9TchHFWn5FjIO4bw5xOP+O+CVxzDdRaiVRvJTcpOGJLoYgV2qs6f:yJkewchHKEOV+mONzDfaIDcxJLEVS

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks