Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    187KB

  • Sample

    230212-p5r6xade31

  • MD5

    78d39e44c39d7599793636fe5d18305d

  • SHA1

    2acb5631cd56ac823cc004a9e1462c8b3b3c963f

  • SHA256

    5cd124802e894dc144cff7b0ea122b69830f2ecb2b44e656cc901e10c1ab9a04

  • SHA512

    bb344d8148dad53a13f452ad161ff1444916b1a5f19e2c8cf5b25031d4cfa3981a9dd96caea6bdb614bc2426badc3a63059504ce50e5677a6820ded525ecffff

  • SSDEEP

    3072:v7t0+rGj156yNmnkdW5GQ4NeonPmq3mYiqtNrzUKTi:j6L+yqkc5GPOq3mOrP

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      187KB

    • MD5

      78d39e44c39d7599793636fe5d18305d

    • SHA1

      2acb5631cd56ac823cc004a9e1462c8b3b3c963f

    • SHA256

      5cd124802e894dc144cff7b0ea122b69830f2ecb2b44e656cc901e10c1ab9a04

    • SHA512

      bb344d8148dad53a13f452ad161ff1444916b1a5f19e2c8cf5b25031d4cfa3981a9dd96caea6bdb614bc2426badc3a63059504ce50e5677a6820ded525ecffff

    • SSDEEP

      3072:v7t0+rGj156yNmnkdW5GQ4NeonPmq3mYiqtNrzUKTi:j6L+yqkc5GPOq3mOrP

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks