Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    169KB

  • Sample

    230130-wpqrgabd89

  • MD5

    85fb42ab097c8bbf4951c185cf731c6d

  • SHA1

    19ae68fda9a66f7c59e18e68c6da40f8033f2511

  • SHA256

    3e60dde33c1c7afe61909b914007c6c7fc7bc305c967b6f110e833624ca96817

  • SHA512

    208ed6f64eb3c0fff2ab335d2fbfa0e3aa8bccb9f4b3102e297bbc60581e84150a44e36e850c3d40de14d56ccd9980bdff951fd0ae5b0b0c49d692fefbe45af7

  • SSDEEP

    3072:/zqSVKLd2GC5uT7L+UKcGdOHsw1K4kGWenHValPn:WLd2GJv+tOH50GW2HValP

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      169KB

    • MD5

      85fb42ab097c8bbf4951c185cf731c6d

    • SHA1

      19ae68fda9a66f7c59e18e68c6da40f8033f2511

    • SHA256

      3e60dde33c1c7afe61909b914007c6c7fc7bc305c967b6f110e833624ca96817

    • SHA512

      208ed6f64eb3c0fff2ab335d2fbfa0e3aa8bccb9f4b3102e297bbc60581e84150a44e36e850c3d40de14d56ccd9980bdff951fd0ae5b0b0c49d692fefbe45af7

    • SSDEEP

      3072:/zqSVKLd2GC5uT7L+UKcGdOHsw1K4kGWenHValPn:WLd2GJv+tOH50GW2HValP

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks