Overview

overview

10

Static

static

1

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    252KB

  • Sample

    230216-mlgjyshb43

  • MD5

    ec508eda86676045a4d567349dda9da6

  • SHA1

    fa1224025d01da8292bb3ffdade3ac22357b273e

  • SHA256

    d9699400364bac5307dc7445640ceea3a376319e21340e736a9901d9f5e7286d

  • SHA512

    bea36e1911ab8180f7f0d2545d01415ee7728f1e7cdb38d14faad7d385f113f8e4be3cb501834bd1054586f2de1867a1248e905b6336f5721f0b182c4490c80f

  • SSDEEP

    3072:i2WeJA9nL7hBR2qMRjGy5FrnLMfjvas0Lvbwg0TtpiKiPM8p3j0/nEp0yeQ55x:9Q5LPATTrnwMbwiKnMgfi5

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      file

    • Size

      252KB

    • MD5

      ec508eda86676045a4d567349dda9da6

    • SHA1

      fa1224025d01da8292bb3ffdade3ac22357b273e

    • SHA256

      d9699400364bac5307dc7445640ceea3a376319e21340e736a9901d9f5e7286d

    • SHA512

      bea36e1911ab8180f7f0d2545d01415ee7728f1e7cdb38d14faad7d385f113f8e4be3cb501834bd1054586f2de1867a1248e905b6336f5721f0b182c4490c80f

    • SSDEEP

      3072:i2WeJA9nL7hBR2qMRjGy5FrnLMfjvas0Lvbwg0TtpiKiPM8p3j0/nEp0yeQ55x:9Q5LPATTrnwMbwiKnMgfi5

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks