Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    260KB

  • Sample

    230113-a5rstafh8w

  • MD5

    9c9d8d10a2921130d8f158a905e992dc

  • SHA1

    777b9d092daa2e9e5a196f37b72e44a1c7b0ef97

  • SHA256

    8d1814a627e4038a1173b21d4a8ad9f74716683cb757cc7d09f1b7f6867f7df4

  • SHA512

    eab5c1e2d0e2f49cbe71bb7d71d5c107511bbfe4a9c9ca4794da4158cb2b045d4215fb7073ec0b95ec13b69721b061fb9357b14c4c1d3c1ae46a1e1121a437e2

  • SSDEEP

    3072:6XWSYX755E2R+oj69uAZw3xTNitU21z3I29QVAfgMe5LRFYUEA7:au7yoquAZcx2U2u29QPwUR

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      260KB

    • MD5

      9c9d8d10a2921130d8f158a905e992dc

    • SHA1

      777b9d092daa2e9e5a196f37b72e44a1c7b0ef97

    • SHA256

      8d1814a627e4038a1173b21d4a8ad9f74716683cb757cc7d09f1b7f6867f7df4

    • SHA512

      eab5c1e2d0e2f49cbe71bb7d71d5c107511bbfe4a9c9ca4794da4158cb2b045d4215fb7073ec0b95ec13b69721b061fb9357b14c4c1d3c1ae46a1e1121a437e2

    • SSDEEP

      3072:6XWSYX755E2R+oj69uAZw3xTNitU21z3I29QVAfgMe5LRFYUEA7:au7yoquAZcx2U2u29QPwUR

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks