Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    228KB

  • Sample

    221221-mby19afb9w

  • MD5

    cbe588c4b43ca5ae60975b4f48bbb527

  • SHA1

    590cac59314d585409d3d253bf2faaf54d9f34d1

  • SHA256

    83e5e0c1261896af2269ccef51be183264a1b9ea35db2c33386d8f642e5a3602

  • SHA512

    b0beeec2abea565bd3a3afc338043bf4101be299e97ec0c163b7917c67bed8a11b330978861dc0ffd6b09f108e2dacb36d9c71d265f6ec110e23da1b37a8bffa

  • SSDEEP

    3072:vyq2QyrL5FA15SIUc5MdRIyOZ5OyByHDRfL1ThbwgpL6WzgKr/sJ:9UrL5F7pc5W9e/ByHNfBTRwsL6Wzz/

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      228KB

    • MD5

      cbe588c4b43ca5ae60975b4f48bbb527

    • SHA1

      590cac59314d585409d3d253bf2faaf54d9f34d1

    • SHA256

      83e5e0c1261896af2269ccef51be183264a1b9ea35db2c33386d8f642e5a3602

    • SHA512

      b0beeec2abea565bd3a3afc338043bf4101be299e97ec0c163b7917c67bed8a11b330978861dc0ffd6b09f108e2dacb36d9c71d265f6ec110e23da1b37a8bffa

    • SSDEEP

      3072:vyq2QyrL5FA15SIUc5MdRIyOZ5OyByHDRfL1ThbwgpL6WzgKr/sJ:9UrL5F7pc5W9e/ByHNfBTRwsL6Wzz/

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks