Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    279KB

  • Sample

    230110-qq8e1sbh91

  • MD5

    1776923c2a7bb4bea05c60173d8847e8

  • SHA1

    ea75f9952ac9f3291a1a6879c2985f19fbed4f84

  • SHA256

    2fc9b66b443aec556da472e03f13aa3d3be5d7ac2e0863895476cf930cce285f

  • SHA512

    b8ac5573bce7c77238639d0a6283e18939098b918fcc90628d4be55bb1d772cdd02702cf7f0ff25020a0b68783af33d3b93fadbd0ce7e742276860a561e6e891

  • SSDEEP

    3072:q7XE0djDjLwwNgU4Plv5DScBGNAC2MKO52Tq69DibMb2m4FwCpjKpEAHQLj/fd:ELHLvgU4Pl8NNAC2M32Tq6d9bnEmQLr

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      279KB

    • MD5

      1776923c2a7bb4bea05c60173d8847e8

    • SHA1

      ea75f9952ac9f3291a1a6879c2985f19fbed4f84

    • SHA256

      2fc9b66b443aec556da472e03f13aa3d3be5d7ac2e0863895476cf930cce285f

    • SHA512

      b8ac5573bce7c77238639d0a6283e18939098b918fcc90628d4be55bb1d772cdd02702cf7f0ff25020a0b68783af33d3b93fadbd0ce7e742276860a561e6e891

    • SSDEEP

      3072:q7XE0djDjLwwNgU4Plv5DScBGNAC2MKO52Tq69DibMb2m4FwCpjKpEAHQLj/fd:ELHLvgU4Pl8NNAC2M32Tq6d9bnEmQLr

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks