smokeloader | 8061140c1e20c4bc15d5a181992d157beb4ab9b8f771320b8b6235f1f899e667 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

8061140c1e20c4bc15d5a181992d157beb4ab9b8f771320b8b6235f1f899e667
Size

318KB
Sample

211203-mhma2abah9
MD5

60f6ac9694da29d31008ab0acf6c4cc1
SHA1

92c8e98ca561f0077573ba17ad58059caf748248
SHA256

8061140c1e20c4bc15d5a181992d157beb4ab9b8f771320b8b6235f1f899e667
SHA512

51d95504e4ee5e707d7d8b2127ffb1a82583407ae27ec8e743a3974f275768cf15b6b4fce443f9cec0512aa60b71be23376ca265e80a2d1a0fd0f1026c79a3d9

Score

10^/10

smokeloader backdoor collection evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

8061140c1e20c4bc15d5a181992d157beb4ab9b8f771320b8b6235f1f899e667.exe

Resource

win10-en-20211104

smokeloader backdoor collection evasion trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

https://cinems.club/search.php

https://clothes.surf/search.php

rc4.i32

rc4.i32

Targets

- Target
  
  8061140c1e20c4bc15d5a181992d157beb4ab9b8f771320b8b6235f1f899e667
- Size
  
  318KB
- MD5
  
  60f6ac9694da29d31008ab0acf6c4cc1
- SHA1
  
  92c8e98ca561f0077573ba17ad58059caf748248
- SHA256
  
  8061140c1e20c4bc15d5a181992d157beb4ab9b8f771320b8b6235f1f899e667
- SHA512
  
  51d95504e4ee5e707d7d8b2127ffb1a82583407ae27ec8e743a3974f275768cf15b6b4fce443f9cec0512aa60b71be23376ca265e80a2d1a0fd0f1026c79a3d9
Score

10^/10

smokeloader backdoor collection evasion trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Deletes itself
- Accesses Microsoft Outlook profiles
  collection
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoorcollectionevasiontrojan

© 2018-2024

Terms | Privacy