Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    240KB

  • Sample

    230101-he714see2w

  • MD5

    79db130b43c172d2836ffa5459632f19

  • SHA1

    6c8b60a6bc2a7badbc08d4d65227144761ea4336

  • SHA256

    a1fdc3c16d6eb5717d4df197133877d1a035b150efcb44afe01336db727b9f9b

  • SHA512

    21991501108116deff1c2bf5a8ba2c0089fcc854020a74a87641587d0ee281a7030ae571c8c6aceb56b3134bc6563dccb6f237f649a5e43c80726af94c73c798

  • SSDEEP

    3072:GXRSBAyLUKYdM8L5uthoXdqkYXh05+gtTYeHQnmqi0y9m27hZY:u9yL0M8YgAmJYtm79zZY

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      240KB

    • MD5

      79db130b43c172d2836ffa5459632f19

    • SHA1

      6c8b60a6bc2a7badbc08d4d65227144761ea4336

    • SHA256

      a1fdc3c16d6eb5717d4df197133877d1a035b150efcb44afe01336db727b9f9b

    • SHA512

      21991501108116deff1c2bf5a8ba2c0089fcc854020a74a87641587d0ee281a7030ae571c8c6aceb56b3134bc6563dccb6f237f649a5e43c80726af94c73c798

    • SSDEEP

      3072:GXRSBAyLUKYdM8L5uthoXdqkYXh05+gtTYeHQnmqi0y9m27hZY:u9yL0M8YgAmJYtm79zZY

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks