smokeloader | 3fdb06f4351bd12295e659f3f7e4e6534f12751d6b7c0d76850c7ec6e01f6611 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

3fdb06f4351bd12295e659f3f7e4e6534f12751d6b7c0d76850c7ec6e01f6611
Size

290KB
Sample

220908-nh7gmsbfdl
MD5

063178fbaaaa6ffc6c0725878c40f4c6
SHA1

8dd26e2be3e4b9201f99f6a3bf0e4ce20cbd39c3
SHA256

3fdb06f4351bd12295e659f3f7e4e6534f12751d6b7c0d76850c7ec6e01f6611
SHA512

0ff75bd251f97bd84486617c5ae3494bad87946bed91c889bf3c2e32f1f53996c0bfffcce41019564f4bb4a41b6c3313b01552c0421544e7618842d8871b3eb7
SSDEEP

6144:shnQlq8xOEgoWDITr3qycv0gCRFb1UNLNTlk8niWNw2oy:HlIEgoWYbqycv0f1UNL3n54

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

3fdb06f4351bd12295e659f3f7e4e6534f12751d6b7c0d76850c7ec6e01f6611.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  3fdb06f4351bd12295e659f3f7e4e6534f12751d6b7c0d76850c7ec6e01f6611
- Size
  
  290KB
- MD5
  
  063178fbaaaa6ffc6c0725878c40f4c6
- SHA1
  
  8dd26e2be3e4b9201f99f6a3bf0e4ce20cbd39c3
- SHA256
  
  3fdb06f4351bd12295e659f3f7e4e6534f12751d6b7c0d76850c7ec6e01f6611
- SHA512
  
  0ff75bd251f97bd84486617c5ae3494bad87946bed91c889bf3c2e32f1f53996c0bfffcce41019564f4bb4a41b6c3313b01552c0421544e7618842d8871b3eb7
- SSDEEP
  
  6144:shnQlq8xOEgoWDITr3qycv0gCRFb1UNLNTlk8niWNw2oy:HlIEgoWYbqycv0f1UNL3n54
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy