smokeloader | ab1b0fa623cbdb0a88f78c55854f1566a83bedf9cd30e347f3b945792c7f503f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

ab1b0fa623cbdb0a88f78c55854f1566a83bedf9cd30e347f3b945792c7f503f
Size

197KB
Sample

220924-3ffy8scde5
MD5

4d5f07dcd91c390bf51133d77a7c4e6b
SHA1

4e89d921405d54290567d3e85cc0b8cf6c8d7028
SHA256

ab1b0fa623cbdb0a88f78c55854f1566a83bedf9cd30e347f3b945792c7f503f
SHA512

f03e9ef0f3df18cf1c9b391a283300d6a80df6d298ce112598bd938bce33c818cb46a5bce6376c68b315c50ea9785b0a7a54778a470738d9a6da39e4669f1ad9
SSDEEP

3072:gvz4siL84AFaN52/Y57tc8dWn67TAGvGBt88/PkkXx:XLOFv+7rs6p

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

ab1b0fa623cbdb0a88f78c55854f1566a83bedf9cd30e347f3b945792c7f503f.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ab1b0fa623cbdb0a88f78c55854f1566a83bedf9cd30e347f3b945792c7f503f
- Size
  
  197KB
- MD5
  
  4d5f07dcd91c390bf51133d77a7c4e6b
- SHA1
  
  4e89d921405d54290567d3e85cc0b8cf6c8d7028
- SHA256
  
  ab1b0fa623cbdb0a88f78c55854f1566a83bedf9cd30e347f3b945792c7f503f
- SHA512
  
  f03e9ef0f3df18cf1c9b391a283300d6a80df6d298ce112598bd938bce33c818cb46a5bce6376c68b315c50ea9785b0a7a54778a470738d9a6da39e4669f1ad9
- SSDEEP
  
  3072:gvz4siL84AFaN52/Y57tc8dWn67TAGvGBt88/PkkXx:XLOFv+7rs6p
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy