Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    167KB

  • Sample

    230131-ahq8rsdc57

  • MD5

    5a059ed72a6871e8e9c8f6124ac5be9a

  • SHA1

    e74b28cb61e542c79d84b4cca737f33f4e680ca6

  • SHA256

    e5a7f5ebac116313c1e61e55fd4db09ae60f7762bd4110ff43d6032fab605e27

  • SHA512

    061a3abfa88eeb1e99319929eeed4eb31c33886a9eeca9f325b49e1a65f9a8c54e93eed3199136eee11c9b849aabf02dde8a31f9dc1f570568361e1eb67fdd8c

  • SSDEEP

    3072:Sj1huo38LoYhiUx5YHnzfzmUSY4w87cY8MWQCtY:FLoYhiU8Hzfz3pOB

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      167KB

    • MD5

      5a059ed72a6871e8e9c8f6124ac5be9a

    • SHA1

      e74b28cb61e542c79d84b4cca737f33f4e680ca6

    • SHA256

      e5a7f5ebac116313c1e61e55fd4db09ae60f7762bd4110ff43d6032fab605e27

    • SHA512

      061a3abfa88eeb1e99319929eeed4eb31c33886a9eeca9f325b49e1a65f9a8c54e93eed3199136eee11c9b849aabf02dde8a31f9dc1f570568361e1eb67fdd8c

    • SSDEEP

      3072:Sj1huo38LoYhiUx5YHnzfzmUSY4w87cY8MWQCtY:FLoYhiU8Hzfz3pOB

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks