smokeloader | cff5fd1d6e1d0d7e21a4e370b71bbee3dc91c05b668cf8975533531d8b3e6a19 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

cff5fd1d6e1d0d7e21a4e370b71bbee3dc91c05b668cf8975533531d8b3e6a19
Size

266KB
Sample

220912-x73z7aeac3
MD5

2df0423e389dc89b94c8b5f18ab39766
SHA1

51f663331e11331fdc69fb283f45958d09948746
SHA256

cff5fd1d6e1d0d7e21a4e370b71bbee3dc91c05b668cf8975533531d8b3e6a19
SHA512

afa496e540b7f5e0abc0944c9e852286f4b78cda2fa9543d6b9c865c26bd71082fe4ea3374c48536a391c1c131a3b2908d440da8c3b67f0ab71440b28e5a84fc
SSDEEP

3072:2rl7HSf8Lbmb2k1jcsOYuMilfM8x009MVhxg7RJgrVxQpMr+d54WxRFaqP7+KDtC:2E92k1wsO9MilfM6p7RJOVKy+ZB7+9

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

cff5fd1d6e1d0d7e21a4e370b71bbee3dc91c05b668cf8975533531d8b3e6a19.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  cff5fd1d6e1d0d7e21a4e370b71bbee3dc91c05b668cf8975533531d8b3e6a19
- Size
  
  266KB
- MD5
  
  2df0423e389dc89b94c8b5f18ab39766
- SHA1
  
  51f663331e11331fdc69fb283f45958d09948746
- SHA256
  
  cff5fd1d6e1d0d7e21a4e370b71bbee3dc91c05b668cf8975533531d8b3e6a19
- SHA512
  
  afa496e540b7f5e0abc0944c9e852286f4b78cda2fa9543d6b9c865c26bd71082fe4ea3374c48536a391c1c131a3b2908d440da8c3b67f0ab71440b28e5a84fc
- SSDEEP
  
  3072:2rl7HSf8Lbmb2k1jcsOYuMilfM8x009MVhxg7RJgrVxQpMr+d54WxRFaqP7+KDtC:2E92k1wsO9MilfM6p7RJOVKy+ZB7+9
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy