Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    230KB

  • Sample

    221228-dk69jshc92

  • MD5

    17fd5507664795f06961da9b17c38d77

  • SHA1

    ac5b3a6a02e2f90370a365b215810c0aa0578cf8

  • SHA256

    1dc0bce733ec0d63a66bb5089e8ae109357f501ab3d65db266d3c12827a7fc4d

  • SHA512

    c6167264282ab18405e709d3bcfa633f48fd8724c2d3ba64ad8fe518d004ba6f3771aeba5ce18f538021dbfd7313199f6f42f87f5cb1adaa2a072393378cb055

  • SSDEEP

    3072:7EXqq9LR3oT5MsSFITMTzoIuwy9sQxISMNVQuKf6PtYKs/xAI9y:W9LR4WyIoIaReNVQuC61YDZ

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      230KB

    • MD5

      17fd5507664795f06961da9b17c38d77

    • SHA1

      ac5b3a6a02e2f90370a365b215810c0aa0578cf8

    • SHA256

      1dc0bce733ec0d63a66bb5089e8ae109357f501ab3d65db266d3c12827a7fc4d

    • SHA512

      c6167264282ab18405e709d3bcfa633f48fd8724c2d3ba64ad8fe518d004ba6f3771aeba5ce18f538021dbfd7313199f6f42f87f5cb1adaa2a072393378cb055

    • SSDEEP

      3072:7EXqq9LR3oT5MsSFITMTzoIuwy9sQxISMNVQuKf6PtYKs/xAI9y:W9LR4WyIoIaReNVQuC61YDZ

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks