Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file

  • Size

    213KB

  • Sample

    221220-rzt5esaa86

  • MD5

    7e79f54b49539f900db591d5c07af6c5

  • SHA1

    cf62c293e4206073c7a18caff58ff15fd812e14e

  • SHA256

    cc5581a7e54f55b4b84718906d49662340f8f1b2d58a11c4c525e795a2605bb0

  • SHA512

    f4b8292b1baddd0aa45e515a5cee42d608c8227cc13683a42b280810eaff3f9e7aca55bdf1a020e921ca29f3bed7c812ef39f7eac524b4f1cdd59c8c6b2d58b6

  • SSDEEP

    3072:xzLxv7RW6U+4H1spBnL7bWa8L57b/jgeLMFNHCDml:9Lx4waWnjWplbpSCa

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file

    • Size

      213KB

    • MD5

      7e79f54b49539f900db591d5c07af6c5

    • SHA1

      cf62c293e4206073c7a18caff58ff15fd812e14e

    • SHA256

      cc5581a7e54f55b4b84718906d49662340f8f1b2d58a11c4c525e795a2605bb0

    • SHA512

      f4b8292b1baddd0aa45e515a5cee42d608c8227cc13683a42b280810eaff3f9e7aca55bdf1a020e921ca29f3bed7c812ef39f7eac524b4f1cdd59c8c6b2d58b6

    • SSDEEP

      3072:xzLxv7RW6U+4H1spBnL7bWa8L57b/jgeLMFNHCDml:9Lx4waWnjWplbpSCa

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks