Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    228KB

  • Sample

    221223-t2hwaagg25

  • MD5

    3ca45371b70a3decfdbf52ab08e9796a

  • SHA1

    bb1633a5c5ada16cef9f2d12059b550b80792cf4

  • SHA256

    9c6a0a1faca79211cb7cbd9eb111052cffb37c0ad8ec436a4587b871c1701a5a

  • SHA512

    6f6aa17c6f80710b24883bab17a79928e1c13dc82965a514170eacd3ac924a524a4ae7ebda5f69970164fde827c7459acab7b58a7d7a3d8a1c1ee5307e9358ae

  • SSDEEP

    3072:f3KMLCBEtPsn2rHX49uX/QSB+lit5rT0YUncsRu+oukz97KWBkOuRGK:yMLOco2rHX4SB8YnBukp7KpjcK

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      228KB

    • MD5

      3ca45371b70a3decfdbf52ab08e9796a

    • SHA1

      bb1633a5c5ada16cef9f2d12059b550b80792cf4

    • SHA256

      9c6a0a1faca79211cb7cbd9eb111052cffb37c0ad8ec436a4587b871c1701a5a

    • SHA512

      6f6aa17c6f80710b24883bab17a79928e1c13dc82965a514170eacd3ac924a524a4ae7ebda5f69970164fde827c7459acab7b58a7d7a3d8a1c1ee5307e9358ae

    • SSDEEP

      3072:f3KMLCBEtPsn2rHX49uX/QSB+lit5rT0YUncsRu+oukz97KWBkOuRGK:yMLOco2rHX4SB8YnBukp7KpjcK

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks