Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    288KB

  • Sample

    221230-1wnb5sbh6x

  • MD5

    17d896fe973ab7755771a47b302924f6

  • SHA1

    d2ab50f010ed3d0b88cd8d1d0f2637119346039c

  • SHA256

    1ffd4c5f34c1043d624d5cada80aa6774d5fc4ffe6214cc4fb96762d5fb67527

  • SHA512

    8a972d72c296c4f23704c7806e3f5e1b78e55d08ca7734d2e8ea0a2ae4b49d1eae25fc969826b60467fa227b1e6d82d680414742be0cf5ceefcc8582b8c4028a

  • SSDEEP

    3072:k8hKk24uwLZ+10aIRVPmsiU9VbA9KXChGXL4nTWoNyW+8U9SkEqwi:I74lL60aGesiU9H+G8WoNyB8UIkEq

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      288KB

    • MD5

      17d896fe973ab7755771a47b302924f6

    • SHA1

      d2ab50f010ed3d0b88cd8d1d0f2637119346039c

    • SHA256

      1ffd4c5f34c1043d624d5cada80aa6774d5fc4ffe6214cc4fb96762d5fb67527

    • SHA512

      8a972d72c296c4f23704c7806e3f5e1b78e55d08ca7734d2e8ea0a2ae4b49d1eae25fc969826b60467fa227b1e6d82d680414742be0cf5ceefcc8582b8c4028a

    • SSDEEP

      3072:k8hKk24uwLZ+10aIRVPmsiU9VbA9KXChGXL4nTWoNyW+8U9SkEqwi:I74lL60aGesiU9H+G8WoNyB8UIkEq

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks