Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    278KB

  • Sample

    230110-ygd4tahc85

  • MD5

    b74f082807bed2841cfd1980c2b885c7

  • SHA1

    d213dc44e0120154b394e685056325bfbf86c60a

  • SHA256

    a4ecdf8932b6ffd5e81968cea82dc498d3407ffa15d20fab888f8d9ea39adc51

  • SHA512

    2b6efe1ed8918b4cbdf9aa47fdebf4179d286015484cd6564a2792707f52654c26c56c482bb09d754b90da73eb9f20100c9c27db22b9f4171482ef76a03ff035

  • SSDEEP

    3072:hXEasU/DR5BiOLymIxzM1eGo5ZaIxMwnl4ULuLWvxdX2m4FwCpjKpEAHQLj/f+:FRDRlL+xzaeGlwqKuexFnEmQLr

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      278KB

    • MD5

      b74f082807bed2841cfd1980c2b885c7

    • SHA1

      d213dc44e0120154b394e685056325bfbf86c60a

    • SHA256

      a4ecdf8932b6ffd5e81968cea82dc498d3407ffa15d20fab888f8d9ea39adc51

    • SHA512

      2b6efe1ed8918b4cbdf9aa47fdebf4179d286015484cd6564a2792707f52654c26c56c482bb09d754b90da73eb9f20100c9c27db22b9f4171482ef76a03ff035

    • SSDEEP

      3072:hXEasU/DR5BiOLymIxzM1eGo5ZaIxMwnl4ULuLWvxdX2m4FwCpjKpEAHQLj/f+:FRDRlL+xzaeGlwqKuexFnEmQLr

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks