Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    312KB

  • Sample

    221219-qb3k8afa63

  • MD5

    59fb693f1f99ba4116d6217c674fa97a

  • SHA1

    9bee6d2088156fb8fd9d7006700e3891a20e0d8d

  • SHA256

    d4c2743f6a8068d679609782c52d39398c44479ea950b8fdf899f5d4521480aa

  • SHA512

    9f067523454ab51041d247b4336169f9efcbdbe7ed78684f25bf683f371da59fd746d2cc76273f932d1765bb0390bac0cb549b5bcfae3207f1ad546c805bd322

  • SSDEEP

    6144:QRR6LRkw5QITSgrn+IH8+2JH4rWlRjO1n:QiVkw5lSanH80rW9u

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      312KB

    • MD5

      59fb693f1f99ba4116d6217c674fa97a

    • SHA1

      9bee6d2088156fb8fd9d7006700e3891a20e0d8d

    • SHA256

      d4c2743f6a8068d679609782c52d39398c44479ea950b8fdf899f5d4521480aa

    • SHA512

      9f067523454ab51041d247b4336169f9efcbdbe7ed78684f25bf683f371da59fd746d2cc76273f932d1765bb0390bac0cb549b5bcfae3207f1ad546c805bd322

    • SSDEEP

      6144:QRR6LRkw5QITSgrn+IH8+2JH4rWlRjO1n:QiVkw5lSanH80rW9u

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks