Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    326KB

  • Sample

    230110-es3rrsff71

  • MD5

    408a31880339ad94e86c94e2990994fe

  • SHA1

    6bed8846d398cf8f8286652dd9ce6fb97496227e

  • SHA256

    b92409594487498f9412e104175aa5b87ef199962a023e2f16d7c3c53302457f

  • SHA512

    bce48baf3a5ce571a579f69a63ed7b7184d3ec983460cbb1441dd739d7f07ca63b7f2616aa70fc72eae648e6544ff571e018e80fb81974141f8445c5ce40dbb0

  • SSDEEP

    6144:Xgo579KC7zBIpgPtilfkj4O7dBA0XfeJY:XgO0aFIq8lfk1W

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      326KB

    • MD5

      408a31880339ad94e86c94e2990994fe

    • SHA1

      6bed8846d398cf8f8286652dd9ce6fb97496227e

    • SHA256

      b92409594487498f9412e104175aa5b87ef199962a023e2f16d7c3c53302457f

    • SHA512

      bce48baf3a5ce571a579f69a63ed7b7184d3ec983460cbb1441dd739d7f07ca63b7f2616aa70fc72eae648e6544ff571e018e80fb81974141f8445c5ce40dbb0

    • SSDEEP

      6144:Xgo579KC7zBIpgPtilfkj4O7dBA0XfeJY:XgO0aFIq8lfk1W

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks