Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    250KB

  • Sample

    221230-pz7peaag9x

  • MD5

    bd29fda79307e251a8495d96c74ff515

  • SHA1

    e99f44b74b13faa8d9e349295409f4ca94bb10cf

  • SHA256

    571f5aef5e656010a42fa8972985ebe1a413cf30cb28b0c97b9ee1b59146c59f

  • SHA512

    2164a8f7d047844824af0926223c46cd5754b020bfa869685c77b2139992c0a5e3770c201202f59b0ae72d37b2e94e04712380c427f0df01c3191fbbd7f11fd0

  • SSDEEP

    3072:WCyR2uLp4+RYq0JONhaGQLRXx0fZjvaLU8y5/LU8y5ZB6xuqqb53y1teM:a2uLp47q00sGS70xjvao5oEx3E5

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      250KB

    • MD5

      bd29fda79307e251a8495d96c74ff515

    • SHA1

      e99f44b74b13faa8d9e349295409f4ca94bb10cf

    • SHA256

      571f5aef5e656010a42fa8972985ebe1a413cf30cb28b0c97b9ee1b59146c59f

    • SHA512

      2164a8f7d047844824af0926223c46cd5754b020bfa869685c77b2139992c0a5e3770c201202f59b0ae72d37b2e94e04712380c427f0df01c3191fbbd7f11fd0

    • SSDEEP

      3072:WCyR2uLp4+RYq0JONhaGQLRXx0fZjvaLU8y5/LU8y5ZB6xuqqb53y1teM:a2uLp47q00sGS70xjvao5oEx3E5

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks