Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    297KB

  • Sample

    221227-lw8kraef77

  • MD5

    73482cb2086c1ad49b3e6b2f29e51321

  • SHA1

    7a48c401ae47fa004b61e1d489e3bcc3b3bdbe18

  • SHA256

    c708a045f3abcc660e77d52da3c67135bbb2a722355f0c99a36760e06c54fb06

  • SHA512

    13c6708ca2115889cff6d1f5ccf8b8c4e37972c36269a2578e6655c28dd81ec8817d4df2157003121b75e06856b5156ba44f002407a00f3d69e235b3470c4279

  • SSDEEP

    6144:kLjqYzVcEJTc7MADJqlLOrjce58xQ3xDPkMo5zXbAc:kvPzVHSBwxOH758xaxDPyrbA

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      297KB

    • MD5

      73482cb2086c1ad49b3e6b2f29e51321

    • SHA1

      7a48c401ae47fa004b61e1d489e3bcc3b3bdbe18

    • SHA256

      c708a045f3abcc660e77d52da3c67135bbb2a722355f0c99a36760e06c54fb06

    • SHA512

      13c6708ca2115889cff6d1f5ccf8b8c4e37972c36269a2578e6655c28dd81ec8817d4df2157003121b75e06856b5156ba44f002407a00f3d69e235b3470c4279

    • SSDEEP

      6144:kLjqYzVcEJTc7MADJqlLOrjce58xQ3xDPkMo5zXbAc:kvPzVHSBwxOH758xaxDPyrbA

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks