Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    228KB

  • Sample

    221222-e9dh7sdh42

  • MD5

    e0143094b2e79b6982f24adc25390231

  • SHA1

    ede56a09454c728ef81b6829f8d56859a018e97d

  • SHA256

    f32b45f52b74d6f4366cbe3316a6c0236cb25f851a704ee33edfa9e0d929d61b

  • SHA512

    12c80d325c7f57bf8e503c1ccd6853a95c1ad8ca4f99caf302d4e2166759e186c440a44d652f8b4f39a25d275cd9531581e33aed66879c9706397069a9fa00f5

  • SSDEEP

    3072:Qt6FvLOyiL5i+GbuM8PRiPW7fdT2nPre+rMNCjg2/N4xMc9p+3LJVn:m+vLh8GbuMIoWf12DfMNCs2/NGELJV

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      228KB

    • MD5

      e0143094b2e79b6982f24adc25390231

    • SHA1

      ede56a09454c728ef81b6829f8d56859a018e97d

    • SHA256

      f32b45f52b74d6f4366cbe3316a6c0236cb25f851a704ee33edfa9e0d929d61b

    • SHA512

      12c80d325c7f57bf8e503c1ccd6853a95c1ad8ca4f99caf302d4e2166759e186c440a44d652f8b4f39a25d275cd9531581e33aed66879c9706397069a9fa00f5

    • SSDEEP

      3072:Qt6FvLOyiL5i+GbuM8PRiPW7fdT2nPre+rMNCjg2/N4xMc9p+3LJVn:m+vLh8GbuMIoWf12DfMNCs2/NGELJV

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks