smokeloader | eb9af9bce4883f0140b54aab7a142a4e51e4e3585893f39ff58bb817298bcb10 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

eb9af9bce4883f0140b54aab7a142a4e51e4e3585893f39ff58bb817298bcb10
Size

318KB
Sample

211203-1caa6shdel
MD5

4bf2cb94c866a7484ac79cf0b78b3770
SHA1

c79c299b07dbebf6017578f9caa2df796561c70a
SHA256

eb9af9bce4883f0140b54aab7a142a4e51e4e3585893f39ff58bb817298bcb10
SHA512

5556c78b7c24d55fd7025679fc7f67109a33a1793dba0e1a48882455253eb1a26c26fe31698edd8d20671d2d9f4857320a9a16934897e2513dc268a49b4c28a7

Score

10^/10

smokeloader backdoor collection evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

eb9af9bce4883f0140b54aab7a142a4e51e4e3585893f39ff58bb817298bcb10.exe

Resource

win10-en-20211104

smokeloader backdoor collection evasion trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

https://cinems.club/search.php

https://clothes.surf/search.php

rc4.i32

rc4.i32

Targets

- Target
  
  eb9af9bce4883f0140b54aab7a142a4e51e4e3585893f39ff58bb817298bcb10
- Size
  
  318KB
- MD5
  
  4bf2cb94c866a7484ac79cf0b78b3770
- SHA1
  
  c79c299b07dbebf6017578f9caa2df796561c70a
- SHA256
  
  eb9af9bce4883f0140b54aab7a142a4e51e4e3585893f39ff58bb817298bcb10
- SHA512
  
  5556c78b7c24d55fd7025679fc7f67109a33a1793dba0e1a48882455253eb1a26c26fe31698edd8d20671d2d9f4857320a9a16934897e2513dc268a49b4c28a7
Score

10^/10

smokeloader backdoor collection evasion trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Modifies Windows Firewall
  evasion
- Deletes itself
- Accesses Microsoft Outlook profiles
  collection
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoorcollectionevasiontrojan

© 2018-2024

Terms | Privacy