Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    223KB

  • Sample

    221225-affz1sea41

  • MD5

    fcae9d848028659cc29683c18d7d21b5

  • SHA1

    0e90286ab93b8f0d89c5dd91dc04506f5debcd4d

  • SHA256

    2c159e7f51c8aecd6dffe6698c507187f6f13d3321051b601e47d1de8275086f

  • SHA512

    345f5220b6d3cf21628d78922ed199dedf4f11519e3c40dc70459dec0a290cee5e5f014985a8c1c0ab17cc0a119c3a823b1c1f200d92a169b62db57a24d4f632

  • SSDEEP

    3072:swG8Lrb3I5th5AmO8KqNnil1u5LFU+1XrhauDC+MbROf/ln:53Lrrg5A38Eu5pU0daMZd

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      223KB

    • MD5

      fcae9d848028659cc29683c18d7d21b5

    • SHA1

      0e90286ab93b8f0d89c5dd91dc04506f5debcd4d

    • SHA256

      2c159e7f51c8aecd6dffe6698c507187f6f13d3321051b601e47d1de8275086f

    • SHA512

      345f5220b6d3cf21628d78922ed199dedf4f11519e3c40dc70459dec0a290cee5e5f014985a8c1c0ab17cc0a119c3a823b1c1f200d92a169b62db57a24d4f632

    • SSDEEP

      3072:swG8Lrb3I5th5AmO8KqNnil1u5LFU+1XrhauDC+MbROf/ln:53Lrrg5A38Eu5pU0daMZd

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks