General

  • Target

    82b02f490fc4286a7add6ee8ef662c9ad03b270c16baa31ee1e24019b7a344eb

  • Size

    274KB

  • Sample

    221206-dtrkfscc7s

  • MD5

    dac330876a2a3353bcd0e3a4219ed0fc

  • SHA1

    cd4405ffc9168523be0fb8ec4bf5f5b1869721a3

  • SHA256

    82b02f490fc4286a7add6ee8ef662c9ad03b270c16baa31ee1e24019b7a344eb

  • SHA512

    3f73e4571fec973e440c56c499f8c34e90fb4bbdfd93fa70a6fcea990d5c7277c3055831051dbf43e393690f2bfe0c556cea7ace00fe147dba2ee5475dae4f94

  • SSDEEP

    3072:/WXVnVYDdaWo+R7f0HwWR5lMrkk2RL6IZKKLiJRRH5qteOiVRvJTcpen1QYgV2qI:/+Aauf0HbSMRLdXiJRRHgeOIDcA1sVS

Malware Config

Targets

    • Target

      82b02f490fc4286a7add6ee8ef662c9ad03b270c16baa31ee1e24019b7a344eb

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 1

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1

Tasks