Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    168KB

  • Sample

    230130-xfq7badb8x

  • MD5

    c29d4cad0b3ee8e9de9c5072ea8e3e5f

  • SHA1

    69e2f325b645965bef47b7348930b77cb92c8464

  • SHA256

    3b49ff1427419b9b0742d7d43df81adeb3e70937ecabc5a010d9a457ef40fb03

  • SHA512

    acf047ea7559f592aa7b87c9736fd11064183c7bd9547ec821cfcdcd13c9048941a9b045bf8e4a814b9b035bdc1dd457687de3ff08d946de79c3440c14ecf83e

  • SSDEEP

    3072:IRdO2LAbWCH5XdGmAvhKr8qYigtRecShu/HbQkPQ5:cLMWCZdGN5t5ShuDQq

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      168KB

    • MD5

      c29d4cad0b3ee8e9de9c5072ea8e3e5f

    • SHA1

      69e2f325b645965bef47b7348930b77cb92c8464

    • SHA256

      3b49ff1427419b9b0742d7d43df81adeb3e70937ecabc5a010d9a457ef40fb03

    • SHA512

      acf047ea7559f592aa7b87c9736fd11064183c7bd9547ec821cfcdcd13c9048941a9b045bf8e4a814b9b035bdc1dd457687de3ff08d946de79c3440c14ecf83e

    • SSDEEP

      3072:IRdO2LAbWCH5XdGmAvhKr8qYigtRecShu/HbQkPQ5:cLMWCZdGN5t5ShuDQq

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks