Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    308KB

  • Sample

    221229-1kb5qshe4s

  • MD5

    3c3d638b755fae7701f8e4899655779a

  • SHA1

    5f5ec308741bfe116b82df12af0bcfd7e463b682

  • SHA256

    bccafa20960caeb5e17bb35c42029114cbb916c50b44db08e90e94edfc61c883

  • SHA512

    345182c48875ec9cbc79983ccec3efbf8967851cdfd3902f045c518a9898f94d7b0738f665b0abc79c1e45c0ac95ac3ed2cc4e62ce72712b6d2661f3dc874135

  • SSDEEP

    6144:bL/UrNUz1H3yq3A37RH2STniyIxZ1WqqdSv9x:bzUCRoRpidYU

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      308KB

    • MD5

      3c3d638b755fae7701f8e4899655779a

    • SHA1

      5f5ec308741bfe116b82df12af0bcfd7e463b682

    • SHA256

      bccafa20960caeb5e17bb35c42029114cbb916c50b44db08e90e94edfc61c883

    • SHA512

      345182c48875ec9cbc79983ccec3efbf8967851cdfd3902f045c518a9898f94d7b0738f665b0abc79c1e45c0ac95ac3ed2cc4e62ce72712b6d2661f3dc874135

    • SSDEEP

      6144:bL/UrNUz1H3yq3A37RH2STniyIxZ1WqqdSv9x:bzUCRoRpidYU

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks