Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file

  • Size

    187KB

  • Sample

    230212-qwqgdsec73

  • MD5

    06bd8cf8712eca35910517d67259ede8

  • SHA1

    a56f466faf411e8e579841f68a0c43cb2e1b82a3

  • SHA256

    baf1f6da87435db3c566e844aef26d4fe01c02d149c0021fadf777b2c7f03ea4

  • SHA512

    785e18aa2c9b176996d4329be60ca274c704ae95b01ef6f0a5540e0260ae554c652f73c4e8bc030c56dc3c45040d172adf740f92666db3d399267432daee5917

  • SSDEEP

    3072:y74O+rGbn56Yidz/7L2jy+7JyGLSWnpComiArmnVq:MDLwYidyb1ppCJnS

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file

    • Size

      187KB

    • MD5

      06bd8cf8712eca35910517d67259ede8

    • SHA1

      a56f466faf411e8e579841f68a0c43cb2e1b82a3

    • SHA256

      baf1f6da87435db3c566e844aef26d4fe01c02d149c0021fadf777b2c7f03ea4

    • SHA512

      785e18aa2c9b176996d4329be60ca274c704ae95b01ef6f0a5540e0260ae554c652f73c4e8bc030c56dc3c45040d172adf740f92666db3d399267432daee5917

    • SSDEEP

      3072:y74O+rGbn56Yidz/7L2jy+7JyGLSWnpComiArmnVq:MDLwYidyb1ppCJnS

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks