Overview

overview

10

Static

static

041a218e41...90.exe

windows7-x64

10

041a218e41...90.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    041a218e410a17ef6d0750ba060d5978afda01a9d5e0a942de8d05fe1fdf6c90

  • Size

    176KB

  • Sample

    221206-dswg1shc57

  • MD5

    d44dcf8b7905cccb89739940233f70e0

  • SHA1

    f981cc79760a748f90d72abead20e624d2798265

  • SHA256

    55c2761fc7cf198c02459f89dd6f383fa2632c374e3b90166ffe5397d6750c41

  • SHA512

    e6501580cbd990150e1bd81639f3a2493f67079f0d1a4c6d2261ac5cdde1e78575f8a18e40bc59ea1367486e83fed7d02403750cbe27dbb6e59e7513e10db167

  • SSDEEP

    3072:vh7r/5yJWMewulxtUqV3aE0102Juw1/oZny/bnN18UFKVoZh5JiyRun2ky:Fr/5yJWMzulxtUqV3ShuaQZsbN1jwoA2

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      041a218e410a17ef6d0750ba060d5978afda01a9d5e0a942de8d05fe1fdf6c90

    • Size

      274KB

    • MD5

      8880d8e96aa5af82d07133ae621b74e7

    • SHA1

      f2b02235ba67aac766632fd31520fdf1e1976ee1

    • SHA256

      041a218e410a17ef6d0750ba060d5978afda01a9d5e0a942de8d05fe1fdf6c90

    • SHA512

      cdd151feed4b3236b897f04839281ab7fe8006c59d151b2e23ac6bf7f4afbdea3ab0ccc5cd5da147c9c304989b3d6893f25476c9d9ae55e99cb93bfaca052be0

    • SSDEEP

      3072:wJXVOxYHJwDkbcVjBUWR5riPhQ02Juw1/oZny/IuoBviVRvJTcpaCBKQTYgV2qsf:wt3wxVjBEPehuaQZsuvIDcJJjVS

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks