Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    225KB

  • Sample

    230201-mc32laef9t

  • MD5

    b430d4a597b2db5219ae41bff356bd23

  • SHA1

    282145d13c473993656a83d28d500d65b0a4a38a

  • SHA256

    ff77be205998e66b1c09963a16ef58b4a95637347c0b71c73d4b05fae2052f61

  • SHA512

    723feb3a4ac10b04bf0f0b8d59217b4971e30fb62634cac9ae36a1000bc1013839991a87481df5a04471e159f9a9604c3a21afcde9013755d38f11cd362b3561

  • SSDEEP

    3072:gWBGZPc6VltuRs8LrRW1w5i4dIFpbFryS0x7T2AvrrOE:gWBuxTuFLrRwgdCbhCx7KaOE

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      225KB

    • MD5

      b430d4a597b2db5219ae41bff356bd23

    • SHA1

      282145d13c473993656a83d28d500d65b0a4a38a

    • SHA256

      ff77be205998e66b1c09963a16ef58b4a95637347c0b71c73d4b05fae2052f61

    • SHA512

      723feb3a4ac10b04bf0f0b8d59217b4971e30fb62634cac9ae36a1000bc1013839991a87481df5a04471e159f9a9604c3a21afcde9013755d38f11cd362b3561

    • SSDEEP

      3072:gWBGZPc6VltuRs8LrRW1w5i4dIFpbFryS0x7T2AvrrOE:gWBuxTuFLrRwgdCbhCx7KaOE

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks