Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    251KB

  • Sample

    221230-qlnj2sff52

  • MD5

    9b871e5524e2e2ff6792a0c62bc88477

  • SHA1

    7fa6da356234efe5c2f9354b5ec042cd51839b32

  • SHA256

    d4e3caa22fa08c38bb831c7a5e3b3c6a33bd59f570ba7c7bc0e47617dc07bf44

  • SHA512

    0fdd9d55f29ef74161fc74bf09a4f1ac6510ccae1f515b368acec6ccc29fa0cce311cda3aa5918c460c41c644dac801f39c45ac329e609fdb8aaa596e3bfa795

  • SSDEEP

    3072:cp3IWCLNf7R/WxC87DxJhiWHpVBPRI7puLU8y5/LU8y5/B6xuqqb53y1teM:9WCLNfo1jZpV6uo5oGx3E5

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      251KB

    • MD5

      9b871e5524e2e2ff6792a0c62bc88477

    • SHA1

      7fa6da356234efe5c2f9354b5ec042cd51839b32

    • SHA256

      d4e3caa22fa08c38bb831c7a5e3b3c6a33bd59f570ba7c7bc0e47617dc07bf44

    • SHA512

      0fdd9d55f29ef74161fc74bf09a4f1ac6510ccae1f515b368acec6ccc29fa0cce311cda3aa5918c460c41c644dac801f39c45ac329e609fdb8aaa596e3bfa795

    • SSDEEP

      3072:cp3IWCLNf7R/WxC87DxJhiWHpVBPRI7puLU8y5/LU8y5/B6xuqqb53y1teM:9WCLNfo1jZpV6uo5oGx3E5

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks