Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    191KB

  • Sample

    230204-radq5sgg8y

  • MD5

    08ae52f0e8fc87fe61b0750f79fbcff2

  • SHA1

    cba4d327d56cf2599156d163dcd4e8ad73c1f4f6

  • SHA256

    748aa5ee3f5e51911bfd0bbaf90c9ea41be3aa272749f205dfe7d2a972e874d7

  • SHA512

    157ef4eea2d704f3845c2edb085c004d95013d8d8dc8009deb6ec566563d239c4fb0bb84824651c6c97339bebe401a1c15a49f7fa92c102c084ddc81bbf821ea

  • SSDEEP

    3072:qVlr+HY0wH0XLRr9sBgWV55ucjlEMmYD+acunpD+9G0KQZlV:qVliHlLR5UgRY0iFQ

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      191KB

    • MD5

      08ae52f0e8fc87fe61b0750f79fbcff2

    • SHA1

      cba4d327d56cf2599156d163dcd4e8ad73c1f4f6

    • SHA256

      748aa5ee3f5e51911bfd0bbaf90c9ea41be3aa272749f205dfe7d2a972e874d7

    • SHA512

      157ef4eea2d704f3845c2edb085c004d95013d8d8dc8009deb6ec566563d239c4fb0bb84824651c6c97339bebe401a1c15a49f7fa92c102c084ddc81bbf821ea

    • SSDEEP

      3072:qVlr+HY0wH0XLRr9sBgWV55ucjlEMmYD+acunpD+9G0KQZlV:qVliHlLR5UgRY0iFQ

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks