smokeloader | 967b5063535da578296d2ce53d455121ff3b01ebba5f802b4189d2cab380a683 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

967b5063535da578296d2ce53d455121ff3b01ebba5f802b4189d2cab380a683
Size

305KB
Sample

220521-ra95cacgdp
MD5

37bb71b538481cf3ea8d95078e05c46f
SHA1

432dcd366369eb3a2ca673fed5784253ec3ecc32
SHA256

967b5063535da578296d2ce53d455121ff3b01ebba5f802b4189d2cab380a683
SHA512

c2384936164deb6697616bb19a810e0447ff2fb2b185e912de807c7904c61ca78571d00772278044798e3b46fc24b0600b9961526457bed1a5c7c858154f2d9a

Score

10^/10

smokeloader backdoor evasion trojan

Static task

static1

Behavioral task

behavioral1

Sample

967b5063535da578296d2ce53d455121ff3b01ebba5f802b4189d2cab380a683.exe

Resource

win10v2004-20220414-en

smokeloader backdoor evasion trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

https://ny-city-mall.com/search.php

https://fresh-cars.net/search.php

rc4.i32

rc4.i32

Targets

- Target
  
  967b5063535da578296d2ce53d455121ff3b01ebba5f802b4189d2cab380a683
- Size
  
  305KB
- MD5
  
  37bb71b538481cf3ea8d95078e05c46f
- SHA1
  
  432dcd366369eb3a2ca673fed5784253ec3ecc32
- SHA256
  
  967b5063535da578296d2ce53d455121ff3b01ebba5f802b4189d2cab380a683
- SHA512
  
  c2384936164deb6697616bb19a810e0447ff2fb2b185e912de807c7904c61ca78571d00772278044798e3b46fc24b0600b9961526457bed1a5c7c858154f2d9a
Score

10^/10

smokeloader backdoor evasion trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Modifies Windows Firewall
  evasion
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoorevasiontrojan

© 2018-2024

Terms | Privacy