Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    273KB

  • Sample

    221206-fdzl8she25

  • MD5

    0d4a44c4df75695dc1c0eb6bed88df15

  • SHA1

    3cbf13a1c15a7523eee7c1461ce81b55680b6cd8

  • SHA256

    95ebd4d8c7a834d2dcc234af372d71285fd7e79f68ad661f3e01f9a779c3a3e7

  • SHA512

    aba9b4401e6f867cd09f6faa4f81cfc8f17bc49c207e7f764544787a6091876cbb47fbee6a4c976baa1a420e19fe097008e748a42a9cf487b74eb58b8eb0da47

  • SSDEEP

    3072:/5XVB8YBPGxYMUsy5rWR5Xuk/Fw352j709FhOioDdnfIiVRvJTcpA4YgV2qs64j:/dKUsy5x32ihnoD1IIDcm0VS

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      273KB

    • MD5

      0d4a44c4df75695dc1c0eb6bed88df15

    • SHA1

      3cbf13a1c15a7523eee7c1461ce81b55680b6cd8

    • SHA256

      95ebd4d8c7a834d2dcc234af372d71285fd7e79f68ad661f3e01f9a779c3a3e7

    • SHA512

      aba9b4401e6f867cd09f6faa4f81cfc8f17bc49c207e7f764544787a6091876cbb47fbee6a4c976baa1a420e19fe097008e748a42a9cf487b74eb58b8eb0da47

    • SSDEEP

      3072:/5XVB8YBPGxYMUsy5rWR5Xuk/Fw352j709FhOioDdnfIiVRvJTcpA4YgV2qs64j:/dKUsy5x32ihnoD1IIDcm0VS

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks