smokeloader | 2e35d43cf9b3c2c959e73a54ded93cdddc13d9887c886d2249477bf6eb2eedfd | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

2e35d43cf9b3c2c959e73a54ded93cdddc13d9887c886d2249477bf6eb2eedfd
Size

250KB
Sample

211204-gga9gsdcf3
MD5

c76ce1011ba516dbfb0985d900a10ff5
SHA1

831bd5731394f811355fe21e500139ed4970516f
SHA256

2e35d43cf9b3c2c959e73a54ded93cdddc13d9887c886d2249477bf6eb2eedfd
SHA512

2edaea5b8e5c7ebc0328ba0643eade4cc2651403d49a5194822b37aed8d6e8c595a01122cf5d974a6d9f7100b7685ff11013ae3e0ff2fb416451e3877e77f479

Score

10^/10

smokeloader backdoor collection evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

2e35d43cf9b3c2c959e73a54ded93cdddc13d9887c886d2249477bf6eb2eedfd.exe

Resource

win10-en-20211014

smokeloader backdoor collection evasion trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

https://cinems.club/search.php

https://clothes.surf/search.php

rc4.i32

rc4.i32

Targets

- Target
  
  2e35d43cf9b3c2c959e73a54ded93cdddc13d9887c886d2249477bf6eb2eedfd
- Size
  
  250KB
- MD5
  
  c76ce1011ba516dbfb0985d900a10ff5
- SHA1
  
  831bd5731394f811355fe21e500139ed4970516f
- SHA256
  
  2e35d43cf9b3c2c959e73a54ded93cdddc13d9887c886d2249477bf6eb2eedfd
- SHA512
  
  2edaea5b8e5c7ebc0328ba0643eade4cc2651403d49a5194822b37aed8d6e8c595a01122cf5d974a6d9f7100b7685ff11013ae3e0ff2fb416451e3877e77f479
Score

10^/10

smokeloader backdoor collection evasion trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Modifies Windows Firewall
  evasion
- Deletes itself
- Accesses Microsoft Outlook profiles
  collection
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoorcollectionevasiontrojan

© 2018-2024

Terms | Privacy