Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    239KB

  • Sample

    230211-rt7hkaga88

  • MD5

    022da43a8538b6e3738eae1068d09e43

  • SHA1

    31d658f7028486442cac2f7fa21a170769a5101d

  • SHA256

    92e9bfa6067e2aa0af4b125cf4d61f3f3a6366dd23dfb4b81a7c66f0b172d1d7

  • SHA512

    048e5c7433366c0aa1dafd9aba43a60fff2edfaac2e86b30c3b7d62c1a3687b73fd5d9171e277043d6124b49a34bc44c5c8a478483705fe3283695bc84d9ab5a

  • SSDEEP

    3072:3tbo5t/K1ohqeE8LS5B+xpN5vGZEzRcpm5zRxOEcP:9SYeFLKANBGZEfzRkEc

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      239KB

    • MD5

      022da43a8538b6e3738eae1068d09e43

    • SHA1

      31d658f7028486442cac2f7fa21a170769a5101d

    • SHA256

      92e9bfa6067e2aa0af4b125cf4d61f3f3a6366dd23dfb4b81a7c66f0b172d1d7

    • SHA512

      048e5c7433366c0aa1dafd9aba43a60fff2edfaac2e86b30c3b7d62c1a3687b73fd5d9171e277043d6124b49a34bc44c5c8a478483705fe3283695bc84d9ab5a

    • SSDEEP

      3072:3tbo5t/K1ohqeE8LS5B+xpN5vGZEzRcpm5zRxOEcP:9SYeFLKANBGZEfzRkEc

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks