General

  • Target

    dc6fb2b02b9ec5ed4d2d6582f8194dc582becb9680136d67097216821228727f.exe

  • Size

    341KB

  • Sample

    221206-d7q6vacc8v

  • MD5

    e53f5a9fc8f668c57ebd2d4ad517667f

  • SHA1

    0afdae9b913881c956c67aca07ec0c3b017ed552

  • SHA256

    dc6fb2b02b9ec5ed4d2d6582f8194dc582becb9680136d67097216821228727f

  • SHA512

    df26192bfd7d703a17445fe135875f9eab40a3c0ba2a00a2f9904a0e186f1865fe6008ffbf5879e50048d4a1480e5d4b651cc83fc17eee74cc984b6bd1ee0d1f

  • SSDEEP

    6144:H48iA0XChWuxLmC5lwsjjHymlglzrWdG1PZ:H48iAwCouxmMwsvyWglzCdG

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1

Tasks