Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    223KB

  • Sample

    221225-epmw5seb9y

  • MD5

    04561fb98fc371b2ba74fa70ff8e66be

  • SHA1

    45ae22e63b0bdd26f552ebc6b94975d9a7020278

  • SHA256

    95ed83ae2461271437cb113355673df5e7cdba4a720ec57ec3f2db857ad62a65

  • SHA512

    b731ab76d3e976282a94f23b049abc1dc29d36cc1845294c6949b35d0ec27a9d299a8754583930b97434c720161359c190c4bcb670fde3305648524c2b7e8556

  • SSDEEP

    3072:qDF6BLhk5MxrVBOXDA1NUslkIhauDmr5af/ln:LBLhnx72A1NUsllaMIG

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      223KB

    • MD5

      04561fb98fc371b2ba74fa70ff8e66be

    • SHA1

      45ae22e63b0bdd26f552ebc6b94975d9a7020278

    • SHA256

      95ed83ae2461271437cb113355673df5e7cdba4a720ec57ec3f2db857ad62a65

    • SHA512

      b731ab76d3e976282a94f23b049abc1dc29d36cc1845294c6949b35d0ec27a9d299a8754583930b97434c720161359c190c4bcb670fde3305648524c2b7e8556

    • SSDEEP

      3072:qDF6BLhk5MxrVBOXDA1NUslkIhauDmr5af/ln:LBLhnx72A1NUsllaMIG

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks