smokeloader | a93e8aa0f162f9e97117f7f7300819e31ed3f5726edc9f64e9fa92151a5f3f2c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

a93e8aa0f162f9e97117f7f7300819e31ed3f5726edc9f64e9fa92151a5f3f2c
Size

147KB
Sample

220919-3egjdafccn
MD5

f3122079eb2a4512c2f9db3b7c00501a
SHA1

c744dd37c670c6b83d390ebc4127b513dadc0a95
SHA256

a93e8aa0f162f9e97117f7f7300819e31ed3f5726edc9f64e9fa92151a5f3f2c
SHA512

91965e594d22aac687538b2a187052031342a8406bb3ca9fba7dae0949df2741c411470d4820e172cd14ee7680df2864684d51f0ddf36a29e578f86fae5c9aae
SSDEEP

3072:VukyLvH5gk+81kMQJ2ZeIeUfAwREq+cMzHG7FBJAnAXx:MLveVYZM1UAS7rMHeIA

Score

10^/10

smokeloader backdoor spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

a93e8aa0f162f9e97117f7f7300819e31ed3f5726edc9f64e9fa92151a5f3f2c.exe

Resource

win10-20220812-en

smokeloader backdoor spyware stealer trojan

windows10-1703-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  a93e8aa0f162f9e97117f7f7300819e31ed3f5726edc9f64e9fa92151a5f3f2c
- Size
  
  147KB
- MD5
  
  f3122079eb2a4512c2f9db3b7c00501a
- SHA1
  
  c744dd37c670c6b83d390ebc4127b513dadc0a95
- SHA256
  
  a93e8aa0f162f9e97117f7f7300819e31ed3f5726edc9f64e9fa92151a5f3f2c
- SHA512
  
  91965e594d22aac687538b2a187052031342a8406bb3ca9fba7dae0949df2741c411470d4820e172cd14ee7680df2864684d51f0ddf36a29e578f86fae5c9aae
- SSDEEP
  
  3072:VukyLvH5gk+81kMQJ2ZeIeUfAwREq+cMzHG7FBJAnAXx:MLveVYZM1UAS7rMHeIA
Score

10^/10

smokeloader backdoor spyware stealer trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoorspywarestealertrojan

© 2018-2025

Terms | Privacy