Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file.exe

  • Size

    180KB

  • Sample

    230213-d8rtrsae99

  • MD5

    f6ff1805d054c2e10bb993166c9dae1d

  • SHA1

    b0bbd730e4b6282aa4d3f301ee29a3098d55b0ea

  • SHA256

    c3ee79b7f326fe41e0bb574a65808160795850f993f9961061415051e3cd35cb

  • SHA512

    395e42216d2543df31d0b29e15e6e6203cb78d8b8b10b012c480c7d45dcfd3eb74ee0650faeaea294526a9b3e14a02b918208683b298fc9e6cbf0b9c8108f575

  • SSDEEP

    3072:Ms1uDV39aK35XkfR8aAdoKsoehdL1GFqewklPohFVNy9f:M1VPBk58aACKsVh5I0ew6PmFVg9

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file.exe

    • Size

      180KB

    • MD5

      f6ff1805d054c2e10bb993166c9dae1d

    • SHA1

      b0bbd730e4b6282aa4d3f301ee29a3098d55b0ea

    • SHA256

      c3ee79b7f326fe41e0bb574a65808160795850f993f9961061415051e3cd35cb

    • SHA512

      395e42216d2543df31d0b29e15e6e6203cb78d8b8b10b012c480c7d45dcfd3eb74ee0650faeaea294526a9b3e14a02b918208683b298fc9e6cbf0b9c8108f575

    • SSDEEP

      3072:Ms1uDV39aK35XkfR8aAdoKsoehdL1GFqewklPohFVNy9f:M1VPBk58aACKsVh5I0ew6PmFVg9

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks