General

  • Target

    e75b4e00e7ca3213f0b2763f1adf7f33_JaffaCakes118

  • Size

    149KB

  • Sample

    240917-v59c3svhnc

  • MD5

    e75b4e00e7ca3213f0b2763f1adf7f33

  • SHA1

    5977af37533fbdb7b25c62ececc97f0626566661

  • SHA256

    f945a810f425eef804add739ef693b244396e0bd436c2c84e02eeca3fe0b713f

  • SHA512

    6d0787851c5d69a58bbb4631d41fef0bda18905ef95b34d0cf3c9c56293f6f92e489df69085b755b09cc5f88327d81537747ecbfccbcce947e47101f9d2bd77e

  • SSDEEP

    3072:iYrClLswbDkrc5GR2iLzgChTUBEj7pNIAdVu:i7eZowzgH0vBw

Malware Config

Targets

    • Target

      e75b4e00e7ca3213f0b2763f1adf7f33_JaffaCakes118

      (size and hashes identical to the General section above)

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of another thread. It is a building block of process hollowing and related injection techniques, where a suspended thread is redirected to code the loader has written into the target process.

    • Target

      $PLUGINSDIR/System.dll

      $PLUGINSDIR is the temporary plugin directory that an NSIS installer unpacks at runtime, and System.dll is the stock NSIS System plugin that lets installer scripts call arbitrary Win32 API functions. Its presence indicates the sample is an NSIS-packaged installer; the plugin itself is a legitimate NSIS component, so its hashes below identify the packaging rather than the payload.

    • Size

      11KB

    • MD5

      fbe295e5a1acfbd0a6271898f885fe6a

    • SHA1

      d6d205922e61635472efb13c2bb92c9ac6cb96da

    • SHA256

      a1390a78533c47e55cc364e97af431117126d04a7faed49390210ea3e89dd0e1

    • SHA512

      2cb596971e504eaf1ce8e3f09719ebfb3f6234cea5ca7b0d33ec7500832ff4b97ec2bbe15a1fbf7e6a5b02c59db824092b9562cd8991f4d027feab6fd3177b06

    • SSDEEP

      192:yPtkiQJr7V9r3Ftr87NfwXQ6whlgi62V7i77blbTc4DI:N7Vxr8IgLgi3sVc4

    Score
    3/10
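To check whether a file on disk is one of the two artifacts listed in this report, the following Python script (an added example, not part of the sandbox report or of any tool it references) recomputes MD5, SHA-1, SHA-256 and SHA-512 in a single pass and compares the result with the values above. The reference hashes are copied from the report; the file path and the short input bytes used to demonstrate a non-match are constructed assumptions. SSDEEP is not recomputed because it requires the separate ssdeep library.

```python
import hashlib
from pathlib import Path
from typing import Dict, Optional

# Reference hashes copied from the report above: the sample itself and the
# dropped NSIS System plugin.
REPORTED: Dict[str, Dict[str, str]] = {
    "e75b4e00e7ca3213f0b2763f1adf7f33_JaffaCakes118": {
        "md5": "e75b4e00e7ca3213f0b2763f1adf7f33",
        "sha1": "5977af37533fbdb7b25c62ececc97f0626566661",
        "sha256": "f945a810f425eef804add739ef693b244396e0bd436c2c84e02eeca3fe0b713f",
        "sha512": "6d0787851c5d69a58bbb4631d41fef0bda18905ef95b34d0cf3c9c56293f6f92"
                  "e489df69085b755b09cc5f88327d81537747ecbfccbcce947e47101f9d2bd77e",
    },
    "$PLUGINSDIR/System.dll": {
        "md5": "fbe295e5a1acfbd0a6271898f885fe6a",
        "sha1": "d6d205922e61635472efb13c2bb92c9ac6cb96da",
        "sha256": "a1390a78533c47e55cc364e97af431117126d04a7faed49390210ea3e89dd0e1",
        "sha512": "2cb596971e504eaf1ce8e3f09719ebfb3f6234cea5ca7b0d33ec7500832ff4b9"
                  "7ec2bbe15a1fbf7e6a5b02c59db824092b9562cd8991f4d027feab6fd3177b06",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes) -> Dict[str, str]:
    """Compute all four digests of an in-memory byte string."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: Path, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute all four digests of a file in one pass, streaming in chunks so
    large samples are never loaded fully into memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_reported(found: Dict[str, str]) -> Optional[str]:
    """Return the report target whose hashes all match, or None.

    Every algorithm must agree: a single-algorithm match (for example an MD5
    collision) is not treated as identification."""
    for target, reference in REPORTED.items():
        if all(found.get(alg) == digest for alg, digest in reference.items()):
            return target
    return None


if __name__ == "__main__":
    import sys

    # Constructed demo input; it is not the sample and must not match.
    demo = digests(b"abc")
    print("constructed input matches:", match_reported(demo))  # None

    # Assumed usage: pass a file path on the command line to check it.
    for arg in sys.argv[1:]:
        result = match_reported(digest_file(Path(arg)))
        print(f"{arg}: {result or 'no match against this report'}")
```

Only a file whose four digests all agree with a target is reported as a match, so a hash list copied with a typo in one value simply fails to match rather than producing a false identification.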

MITRE ATT&CK Enterprise v15

Tasks