Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    168KB

  • Sample

    230130-t1ykcacg2z

  • MD5

    e83e0c1a239a6ee3b168276636256e60

  • SHA1

    e23c097277db3db2a4dbc76f68fade41b15fdf02

  • SHA256

    be48bf98323f33e64fd282edcb5413d86dcd291c073084826e7e89b24dc0b99d

  • SHA512

    0cafb90da246e8dd65786631243d432440d9f6da24219ef4d4cae9eb23f8526d33a8b418813b2f9a249c0927bfaba7c67aec56781245367506e6ef9f8ed78659

  • SSDEEP

    3072:Bn4v5Lq4lw0F52HzjMjWncqOPAnDhRujzebXQ:GLPw0evMjWnDYq9sjys

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      168KB

    • MD5

      e83e0c1a239a6ee3b168276636256e60

    • SHA1

      e23c097277db3db2a4dbc76f68fade41b15fdf02

    • SHA256

      be48bf98323f33e64fd282edcb5413d86dcd291c073084826e7e89b24dc0b99d

    • SHA512

      0cafb90da246e8dd65786631243d432440d9f6da24219ef4d4cae9eb23f8526d33a8b418813b2f9a249c0927bfaba7c67aec56781245367506e6ef9f8ed78659

    • SSDEEP

      3072:Bn4v5Lq4lw0F52HzjMjWncqOPAnDhRujzebXQ:GLPw0evMjWnDYq9sjys

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks