Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    192KB

  • Sample

    230204-3h9pbsfb23

  • MD5

    84bd953c8da982e2d1d0b4cf3d73f2b0

  • SHA1

    6546a0c780cbefe872667005983b451b48ea8965

  • SHA256

    627b9c97c0737144482faf3622c06164ef1f4a199d7967e528ff89de1822da06

  • SHA512

    6d67a19a86220b1ddec9f39fc314ff4440ec4af4b04e8471cc896f399091b1bef6bd12740c3a7803d4e73d844d834866fed5eed7ef66c9d7b70ad3dbd4bf1d04

  • SSDEEP

    3072:AMnO5McAhtavGpLXuyWnE5GMwN1Ecnil+87K0BdChKejCDQrK:AMnJNhM+pLeyJwfXnio8u0zxeCQr

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      192KB

    • MD5

      84bd953c8da982e2d1d0b4cf3d73f2b0

    • SHA1

      6546a0c780cbefe872667005983b451b48ea8965

    • SHA256

      627b9c97c0737144482faf3622c06164ef1f4a199d7967e528ff89de1822da06

    • SHA512

      6d67a19a86220b1ddec9f39fc314ff4440ec4af4b04e8471cc896f399091b1bef6bd12740c3a7803d4e73d844d834866fed5eed7ef66c9d7b70ad3dbd4bf1d04

    • SSDEEP

      3072:AMnO5McAhtavGpLXuyWnE5GMwN1Ecnil+87K0BdChKejCDQrK:AMnJNhM+pLeyJwfXnio8u0zxeCQr

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks