Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    322KB

  • Sample

    230206-s62zaaef77

  • MD5

    98ac66b5335b69a04509b0c4dfa2c386

  • SHA1

    c2573baf13b2515c9383407f4839d55e78e5c16f

  • SHA256

    db10cefb084fea28a3c69353d322f62b22baa6fbd238c2b7a8c37adbe17d0119

  • SHA512

    16d8980e59d1067d60b16a58e0d10ef30b1cab3901ad47e417c137c5a68ac866787f5e4fe7ca551e497b976cd7c67dfa4f9dba822dbbe07b95052183bd2d22db

  • SSDEEP

    3072:mzz9oqyLFPJCbRKsBzcKUai8xBfGAIVBsNlwkrLYUjS5C1//+sxA7rChcaMV+v3:6ByLZJCwsBDyAy6qkDoClRkL8

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      322KB

    • MD5

      98ac66b5335b69a04509b0c4dfa2c386

    • SHA1

      c2573baf13b2515c9383407f4839d55e78e5c16f

    • SHA256

      db10cefb084fea28a3c69353d322f62b22baa6fbd238c2b7a8c37adbe17d0119

    • SHA512

      16d8980e59d1067d60b16a58e0d10ef30b1cab3901ad47e417c137c5a68ac866787f5e4fe7ca551e497b976cd7c67dfa4f9dba822dbbe07b95052183bd2d22db

    • SSDEEP

      3072:mzz9oqyLFPJCbRKsBzcKUai8xBfGAIVBsNlwkrLYUjS5C1//+sxA7rChcaMV+v3:6ByLZJCwsBDyAy6qkDoClRkL8

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks