Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    321KB

  • Sample

    230107-xhgewsec89

  • MD5

    8f73d07f0d90a7319d6640c671724c66

  • SHA1

    39985704268f6e0ec4a432c5e45fb99148b074b2

  • SHA256

    7d4450150face7b835a3a417871034e72b020780bd40fcb06f181433042412b4

  • SHA512

    1eb8b818da7e67ae77b2650c6137f53b642c8ba47c2f8ad38434c6c10788fb10a64165605f605c176348dc6944d187355187145e8ab617f85b33c615c1188d50

  • SSDEEP

    6144:es6JncLBHf6jhsfrw2a3by+aU+ZoMS/sCzn/ZXi6WbP:es6Jc9Hf6HzbyLU+ZuEqn/li

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      321KB

    • MD5

      8f73d07f0d90a7319d6640c671724c66

    • SHA1

      39985704268f6e0ec4a432c5e45fb99148b074b2

    • SHA256

      7d4450150face7b835a3a417871034e72b020780bd40fcb06f181433042412b4

    • SHA512

      1eb8b818da7e67ae77b2650c6137f53b642c8ba47c2f8ad38434c6c10788fb10a64165605f605c176348dc6944d187355187145e8ab617f85b33c615c1188d50

    • SSDEEP

      6144:es6JncLBHf6jhsfrw2a3by+aU+ZoMS/sCzn/ZXi6WbP:es6Jc9Hf6HzbyLU+ZuEqn/li

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks