Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

9c61453e154e13f1c384a83ca3ac0331cde96ae9d8652dbb8366722cb1adf8b4
Size

299KB
Sample

230206-yxs8nsah9y
MD5

aa5a5c1a74dfeeeae5e3ad5b8918e895
SHA1

08bf1a1b6d5d4e3b52fd3605c948949fa9eebfe8
SHA256

9c61453e154e13f1c384a83ca3ac0331cde96ae9d8652dbb8366722cb1adf8b4
SHA512

88d26a2e6f1efc50d52cf1e9d7addcdbd5d0b3ef8035561d12cf5dc6718699ce1e2aaacacb2d4ee89c952493fddc74e07a4b06dd65d832964b55421ad58bcfc7
SSDEEP

3072:CEeb6bdqLZFRGh6vzIXWnSiowFtXtdsnc41ObuQjiMTE5B00afZi:CTGqLZKh6cmQwP8n71WuQj9Uah

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  9c61453e154e13f1c384a83ca3ac0331cde96ae9d8652dbb8366722cb1adf8b4
- Size
  
  299KB
- MD5
  
  aa5a5c1a74dfeeeae5e3ad5b8918e895
- SHA1
  
  08bf1a1b6d5d4e3b52fd3605c948949fa9eebfe8
- SHA256
  
  9c61453e154e13f1c384a83ca3ac0331cde96ae9d8652dbb8366722cb1adf8b4
- SHA512
  
  88d26a2e6f1efc50d52cf1e9d7addcdbd5d0b3ef8035561d12cf5dc6718699ce1e2aaacacb2d4ee89c952493fddc74e07a4b06dd65d832964b55421ad58bcfc7
- SSDEEP
  
  3072:CEeb6bdqLZFRGh6vzIXWnSiowFtXtdsnc41ObuQjiMTE5B00afZi:CTGqLZKh6cmQwP8n71WuQj9Uah
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

smokeloaderbackdoortrojan