smokeloader | 243228bc7e519d9752df43a4e3f74f5d122c7a2d056f05b9b0fa41c180f72818 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

243228bc7e519d9752df43a4e3f74f5d122c7a2d056f05b9b0fa41c180f72818
Size

169KB
Sample

220923-kajh3agbh5
MD5

c369909309e61f63d30025af685593a9
SHA1

99c04fe412237ebe506433e0687291379e227763
SHA256

243228bc7e519d9752df43a4e3f74f5d122c7a2d056f05b9b0fa41c180f72818
SHA512

0ec24ecadc495f5941b4fbd733772c3c6acac4f12f23cacf9e31b3d75cb07b9f3b87ad4d5eb837567aad4bd118770916c6c595b1e36adc7a0d1d0b67ee034e1f
SSDEEP

3072:0a8LHx5xnjB4scu0ndg14SU2BquypWp8/PkW4n:KLHtjWHdGpyY

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

243228bc7e519d9752df43a4e3f74f5d122c7a2d056f05b9b0fa41c180f72818.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  243228bc7e519d9752df43a4e3f74f5d122c7a2d056f05b9b0fa41c180f72818
- Size
  
  169KB
- MD5
  
  c369909309e61f63d30025af685593a9
- SHA1
  
  99c04fe412237ebe506433e0687291379e227763
- SHA256
  
  243228bc7e519d9752df43a4e3f74f5d122c7a2d056f05b9b0fa41c180f72818
- SHA512
  
  0ec24ecadc495f5941b4fbd733772c3c6acac4f12f23cacf9e31b3d75cb07b9f3b87ad4d5eb837567aad4bd118770916c6c595b1e36adc7a0d1d0b67ee034e1f
- SSDEEP
  
  3072:0a8LHx5xnjB4scu0ndg14SU2BquypWp8/PkW4n:KLHtjWHdGpyY
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy