General

  • Target

    file

  • Size

    298KB

  • Sample

    230207-aldf3sbg6z

  • MD5

    afc1de57455861ff97bf20c27cfaba6c

  • SHA1

    00bd80516cbf5a309b48730abc76eedd9c5c688f

  • SHA256

    086f98376b2a5d38f1215467ef57d7803523984b3ff745fc5438eea791da7985

  • SHA512

    d2651e79444401b4a04f7169d6d782eea042273eacca0e95dd332b2562d2789bda2dabda11c37d18815013ea0d024271f1ffdbe74b74006d5af863b82f1673ce

  • SSDEEP

    3072:Aqb6bEcjNLqKRmaVrAndcjlYJZnQ6jJC9GS6AEn11uQjiMTE5wY3ta5hN:1vcjNLqJaVYeCjJoEkE11uQj9EaL

Malware Config

Targets

    • Target

      file

    • Size

      298KB

    • MD5

      afc1de57455861ff97bf20c27cfaba6c

    • SHA1

      00bd80516cbf5a309b48730abc76eedd9c5c688f

    • SHA256

      086f98376b2a5d38f1215467ef57d7803523984b3ff745fc5438eea791da7985

    • SHA512

      d2651e79444401b4a04f7169d6d782eea042273eacca0e95dd332b2562d2789bda2dabda11c37d18815013ea0d024271f1ffdbe74b74006d5af863b82f1673ce

    • SSDEEP

      3072:Aqb6bEcjNLqKRmaVrAndcjlYJZnQ6jJC9GS6AEn11uQjiMTE5wY3ta5hN:1vcjNLqJaVYeCjJoEkE11uQj9EaL

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks