Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

6645ff72ed5da7482e0d3f3a9bbdec8c20bf16474f2138b007599f8ce45ca51e
Size

341KB
Sample

230125-nc4tkafg96
MD5

030eb10b5870ab3d80954c2cde57958d
SHA1

234bfd0aed54e6c43c22ced5ac90257b305ed1a8
SHA256

6645ff72ed5da7482e0d3f3a9bbdec8c20bf16474f2138b007599f8ce45ca51e
SHA512

e7cecdcb039d56cfc080de38ed445473640a266f501e82cbb4812c0395bfa8cba7ae6051fd8e5c1d357033a1778159f47c28a8e203217f81c1132eb679d635e9
SSDEEP

6144:GbLpceowVd1lUIjmto/aYYOjq7VWRFBMolz90KvQm:utcJode4i7VWR5lzBX

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  6645ff72ed5da7482e0d3f3a9bbdec8c20bf16474f2138b007599f8ce45ca51e
- Size
  
  341KB
- MD5
  
  030eb10b5870ab3d80954c2cde57958d
- SHA1
  
  234bfd0aed54e6c43c22ced5ac90257b305ed1a8
- SHA256
  
  6645ff72ed5da7482e0d3f3a9bbdec8c20bf16474f2138b007599f8ce45ca51e
- SHA512
  
  e7cecdcb039d56cfc080de38ed445473640a266f501e82cbb4812c0395bfa8cba7ae6051fd8e5c1d357033a1778159f47c28a8e203217f81c1132eb679d635e9
- SSDEEP
  
  6144:GbLpceowVd1lUIjmto/aYYOjq7VWRFBMolz90KvQm:utcJode4i7VWR5lzBX
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

smokeloaderbackdoortrojan