Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    301KB

  • Sample

    221229-halx3sce36

  • MD5

    9c08b3313615961093afe3c90a2f1f5a

  • SHA1

    b993fe3063a85cddcc4a2f8640ba5cd46ef809b3

  • SHA256

    ab5a18e652a314ff9cf6b92a1833955e9b56e6077f25100da3199e795e35d2fc

  • SHA512

    65d1cb3327b8b66218c3a7bb246bbc6646aead6e00590e98b13efd5f6f46f19a15d86af7c488a0de30905a46596380504657889320c07313fbac3f43d743fbb4

  • SSDEEP

    6144:VUUT98LZFIcLtrPMOWfy9w7n1HbwZoV9J:9WzIeQ8w7

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      301KB

    • MD5

      9c08b3313615961093afe3c90a2f1f5a

    • SHA1

      b993fe3063a85cddcc4a2f8640ba5cd46ef809b3

    • SHA256

      ab5a18e652a314ff9cf6b92a1833955e9b56e6077f25100da3199e795e35d2fc

    • SHA512

      65d1cb3327b8b66218c3a7bb246bbc6646aead6e00590e98b13efd5f6f46f19a15d86af7c488a0de30905a46596380504657889320c07313fbac3f43d743fbb4

    • SSDEEP

      6144:VUUT98LZFIcLtrPMOWfy9w7n1HbwZoV9J:9WzIeQ8w7

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks