Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    193KB

  • Sample

    230207-2pypzaga64

  • MD5

    39cd853d3cbbe48e14409b67f130ec4f

  • SHA1

    5ab6abdb8771a98fae0a3abb64cccfe1f7963e62

  • SHA256

    0c4bcf9f156031e4aff123c06411283951d4a6e41ee4c4a4cb5603cf312d2c1e

  • SHA512

    aa2630e4b32df5148d64857fd11ad5c955c191b8ee4a6741b09ce03dec283d72199d9e8089380485549d520659b9f007301dc9f5d05ce10f82d8aa6a81b65983

  • SSDEEP

    3072:pdeOdZO1v2AvaLabGWNP5bUoVYQ9A8L+QzxqB:pdeocraLqGYRhr9yQzxqB

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      193KB

    • MD5

      39cd853d3cbbe48e14409b67f130ec4f

    • SHA1

      5ab6abdb8771a98fae0a3abb64cccfe1f7963e62

    • SHA256

      0c4bcf9f156031e4aff123c06411283951d4a6e41ee4c4a4cb5603cf312d2c1e

    • SHA512

      aa2630e4b32df5148d64857fd11ad5c955c191b8ee4a6741b09ce03dec283d72199d9e8089380485549d520659b9f007301dc9f5d05ce10f82d8aa6a81b65983

    • SSDEEP

      3072:pdeOdZO1v2AvaLabGWNP5bUoVYQ9A8L+QzxqB:pdeocraLqGYRhr9yQzxqB

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks