Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    227KB

  • Sample

    221226-yxpv9agh9s

  • MD5

    6e30b4b845eac4c903ab7f84e823104e

  • SHA1

    85044bab31faec5aa58cb47b13f0701391df2526

  • SHA256

    d71610b0f4ea5c8b436bc7b71903037fd2bed8e9af6b9fdcf876ee36cf633d25

  • SHA512

    be8af6ab9f613d387e723a1520864014220172965c9d051e00e6a0f7d8c26377c7fe5083ec1d8d2ca801a909c1bf169647cff0ebb176c082f9ed0af870256d1d

  • SSDEEP

    3072:CPK1LGkB57K6BiNwPa5oK7DKNWR3FjLpt1bfRlTe+V+Y700:vLGk3K6PPa5oKpR3JH1jRl6+Vl7l

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      227KB

    • MD5

      6e30b4b845eac4c903ab7f84e823104e

    • SHA1

      85044bab31faec5aa58cb47b13f0701391df2526

    • SHA256

      d71610b0f4ea5c8b436bc7b71903037fd2bed8e9af6b9fdcf876ee36cf633d25

    • SHA512

      be8af6ab9f613d387e723a1520864014220172965c9d051e00e6a0f7d8c26377c7fe5083ec1d8d2ca801a909c1bf169647cff0ebb176c082f9ed0af870256d1d

    • SSDEEP

      3072:CPK1LGkB57K6BiNwPa5oK7DKNWR3FjLpt1bfRlTe+V+Y700:vLGk3K6PPa5oKpR3JH1jRl6+Vl7l

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks