smokeloader | b17b543cc8fb468377f5bca1d596ac953eaf5652a77624440bffff53390c131e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

b17b543cc8fb468377f5bca1d596ac953eaf5652a77624440bffff53390c131e
Size

146KB
Sample

220921-ffhrhaafgm
MD5

5b3438b2b01d6fea325bcdfd1fb6b27c
SHA1

8ffc95bb52d92436665ce0f915668c5d77b93561
SHA256

b17b543cc8fb468377f5bca1d596ac953eaf5652a77624440bffff53390c131e
SHA512

63098299b3dd8b9ccb12c9422a49a4061465eedf4d299abc1fd92bbd4316678acebaec99ba339ec60db0aa54f7635eb77c6145b778162dbc86fbe3e822b0c7f9
SSDEEP

3072:gj6d9gQ5BdZicNJNth14ZbvsqU7nnW/ZBwn:wwXicZ+UqULnW/

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

b17b543cc8fb468377f5bca1d596ac953eaf5652a77624440bffff53390c131e.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  b17b543cc8fb468377f5bca1d596ac953eaf5652a77624440bffff53390c131e
- Size
  
  146KB
- MD5
  
  5b3438b2b01d6fea325bcdfd1fb6b27c
- SHA1
  
  8ffc95bb52d92436665ce0f915668c5d77b93561
- SHA256
  
  b17b543cc8fb468377f5bca1d596ac953eaf5652a77624440bffff53390c131e
- SHA512
  
  63098299b3dd8b9ccb12c9422a49a4061465eedf4d299abc1fd92bbd4316678acebaec99ba339ec60db0aa54f7635eb77c6145b778162dbc86fbe3e822b0c7f9
- SSDEEP
  
  3072:gj6d9gQ5BdZicNJNth14ZbvsqU7nnW/ZBwn:wwXicZ+UqULnW/
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy