Overview

overview

10

Static

static

cb4ac8fd91...11.exe

windows7-x64

10

cb4ac8fd91...11.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cb4ac8fd9112d0cd5ad108bbe188d5b5c22fbe2f47e0b29dd502dbbcdb7a2311

  • Size

    176KB

  • Sample

    221206-cwq62abg71

  • MD5

    fc431895c3a0ad31cacf4b62a0414149

  • SHA1

    ec4eb2609b5608c174a78833ed1a06f807368456

  • SHA256

    dccbd8cf3f883b276cfd7ff69e364feeb742570427419669e5a21c7a772b364e

  • SHA512

    b59a1757cb50a0809047767d4348e00ac1b6b00cba0da636c2ff7bf04ed932c899c9871f5c60873d7052243bdebed4d086874e252ac07d301204bf648e9638eb

  • SSDEEP

    3072:Wf88Jf3KEUIfn7hbIkCMHVVFgMjvzCHqA66MXMmEwLwy3Q8ucgswju9Is0WKZ6G1:M8+3KEUK7hbfFf0qArcCeQigsp9oOJ61

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      cb4ac8fd9112d0cd5ad108bbe188d5b5c22fbe2f47e0b29dd502dbbcdb7a2311

    • Size

      274KB

    • MD5

      c789bbb234fe680fa34e955c78bc8b97

    • SHA1

      14d9144247d846a9085bbdea6d1ff29f2b22f89c

    • SHA256

      cb4ac8fd9112d0cd5ad108bbe188d5b5c22fbe2f47e0b29dd502dbbcdb7a2311

    • SHA512

      f56c3e657cd2cd632e75cada800d8192694543b2c84f6e08cb07870bf5037b0e715ea6d2aa8d9e7c8b4952dce29acaed71f3d45159cff152f37bc47dc070c470

    • SSDEEP

      3072:QZXVU6YPSSWoeRLf63YWR5u4Gg2a66MXMODD+iVRvJTcpqD9on3YgV2qs64j:Q9XC+f63k4FxrcT+IDcUyfVS

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks