Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    206KB

  • Sample

    230115-e17qpadh4w

  • MD5

    9637a41d05f0196d5e55aed061ff1e8f

  • SHA1

    ab5a0d9495ce7f2f90982025a7f3dc9fa4cc42d3

  • SHA256

    b6d9d9b8b9ce10789f91acc0113847180b99870069e43f6d44b47c5132f3effd

  • SHA512

    a66549832b3893da97468e9c67153074987deeaf98e5b0cdc9810950493e2641d361257ec3d84aa7280816fbc91a6562d64d7cba9f06dd66091b177cf3da82c2

  • SSDEEP

    3072:zX9aGe2Gn+SfafXyYT5HotFceDR8buSvrjNi2DrJjBxW8X1gapb:rU2Gn+Sf7xdN/E4AJq8X3p

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file

    • Size

      206KB

    • MD5

      9637a41d05f0196d5e55aed061ff1e8f

    • SHA1

      ab5a0d9495ce7f2f90982025a7f3dc9fa4cc42d3

    • SHA256

      b6d9d9b8b9ce10789f91acc0113847180b99870069e43f6d44b47c5132f3effd

    • SHA512

      a66549832b3893da97468e9c67153074987deeaf98e5b0cdc9810950493e2641d361257ec3d84aa7280816fbc91a6562d64d7cba9f06dd66091b177cf3da82c2

    • SSDEEP

      3072:zX9aGe2Gn+SfafXyYT5HotFceDR8buSvrjNi2DrJjBxW8X1gapb:rU2Gn+Sf7xdN/E4AJq8X3p

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks