Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    224KB

  • Sample

    221224-2pypzadh81

  • MD5

    681a49edc54c23fa30911ad832d1886d

  • SHA1

    f9df28fbb5c87336e2faa66b5b837c840f8d7c95

  • SHA256

    8fddc06ca1a6223556ad75ad40a318fd55571bb42d4f6cc82fc506102ad39079

  • SHA512

    4d9cb88ea72c8096576336f7c6829a04699f64abbce67f7b8398838b8cc266001f4ecfa481b3c669c7140a43195e2ea6c311f76d1f54b425d273e320bd858179

  • SSDEEP

    3072:5KEjJLDcW65bUsmPci3nhrqOTTmBnauDgodXayf/ln:9LDZxsXi3hqOTSBnaMgST

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      224KB

    • MD5

      681a49edc54c23fa30911ad832d1886d

    • SHA1

      f9df28fbb5c87336e2faa66b5b837c840f8d7c95

    • SHA256

      8fddc06ca1a6223556ad75ad40a318fd55571bb42d4f6cc82fc506102ad39079

    • SHA512

      4d9cb88ea72c8096576336f7c6829a04699f64abbce67f7b8398838b8cc266001f4ecfa481b3c669c7140a43195e2ea6c311f76d1f54b425d273e320bd858179

    • SSDEEP

      3072:5KEjJLDcW65bUsmPci3nhrqOTTmBnauDgodXayf/ln:9LDZxsXi3hqOTSBnaMgST

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks