Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    197KB

  • Sample

    230211-3w9w9aec3y

  • MD5

    e5a7311e59c1ca0a10486b080d4cc81e

  • SHA1

    452a423b77c14ca67a543febfe6d2b0c1c2a0f0d

  • SHA256

    e9bf97df7241ec72ba8fbb2cc0800c3baddbb00ece9966ab67828575b43177e9

  • SHA512

    6be36a717df2599c0de1edaf7414b8ff5ebacc3483e114fec5641eba0c8b6e402d2e7594faff2daede9d9f894f2d9ffa011e34838844bbec0ab17f6c72851beb

  • SSDEEP

    3072:Fjq39+0JO9eB5CtUBcZVJU3ZvveJ2ArPw4v8UwQdPftG:FGtRST6GNuO4ArYZUwQV

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      197KB

    • MD5

      e5a7311e59c1ca0a10486b080d4cc81e

    • SHA1

      452a423b77c14ca67a543febfe6d2b0c1c2a0f0d

    • SHA256

      e9bf97df7241ec72ba8fbb2cc0800c3baddbb00ece9966ab67828575b43177e9

    • SHA512

      6be36a717df2599c0de1edaf7414b8ff5ebacc3483e114fec5641eba0c8b6e402d2e7594faff2daede9d9f894f2d9ffa011e34838844bbec0ab17f6c72851beb

    • SSDEEP

      3072:Fjq39+0JO9eB5CtUBcZVJU3ZvveJ2ArPw4v8UwQdPftG:FGtRST6GNuO4ArYZUwQV

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks