smokeloader | 2d108b21d74491c9045f241a045361279342a55b40f6b6ee5779d0a146270a7b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

2d108b21d74491c9045f241a045361279342a55b40f6b6ee5779d0a146270a7b
Size

169KB
Sample

220923-g3v6sadda6
MD5

99821e7b04f23ca36ef0b2a9dc3c4de7
SHA1

2e8aa1b3bc27558e5a4ccb11d9d7dac7a49fa2a1
SHA256

2d108b21d74491c9045f241a045361279342a55b40f6b6ee5779d0a146270a7b
SHA512

31e7a2c7305fdd81c991022697e3b188cb0afaf456d9b5e4549b427b11242b27a681a0a8fb55c76bc60152db6be90747db7d0a42f539124a23fb74794ef1e42a
SSDEEP

3072:FK+LrpY5b9KrsH+j3noBhv529dENBy8+K/PkWDn:xLrpu9usFh8Pl

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

2d108b21d74491c9045f241a045361279342a55b40f6b6ee5779d0a146270a7b.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2d108b21d74491c9045f241a045361279342a55b40f6b6ee5779d0a146270a7b
- Size
  
  169KB
- MD5
  
  99821e7b04f23ca36ef0b2a9dc3c4de7
- SHA1
  
  2e8aa1b3bc27558e5a4ccb11d9d7dac7a49fa2a1
- SHA256
  
  2d108b21d74491c9045f241a045361279342a55b40f6b6ee5779d0a146270a7b
- SHA512
  
  31e7a2c7305fdd81c991022697e3b188cb0afaf456d9b5e4549b427b11242b27a681a0a8fb55c76bc60152db6be90747db7d0a42f539124a23fb74794ef1e42a
- SSDEEP
  
  3072:FK+LrpY5b9KrsH+j3noBhv529dENBy8+K/PkWDn:xLrpu9usFh8Pl
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy