smokeloader | 481fea13c4c82c88481dddf78381c02bbef71e77dd6dac682ea655e0f2e84bd5 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

481fea13c4c82c88481dddf78381c02bbef71e77dd6dac682ea655e0f2e84bd5
Size

196KB
Sample

220924-lqkazaccgn
MD5

9192fddc0e7fa530509020049c3d473b
SHA1

104a72ee7361c5251aae589dc65a7ff3b30d46c1
SHA256

481fea13c4c82c88481dddf78381c02bbef71e77dd6dac682ea655e0f2e84bd5
SHA512

8245f491a483749327ef65e51ad6a83eae70fd93a0597eb577b06ddd65e42635b0fde8fb20d5784e239f36e0ea2e61cb99fb01af4e12035dd2bb798e51cbba9a
SSDEEP

3072:v4fYMLMywuzsMd85hkL48cO5hAN1kTwFikAJzongByoweEli/PkF4x:JMLPsMZL488/QwckAJUn/

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

481fea13c4c82c88481dddf78381c02bbef71e77dd6dac682ea655e0f2e84bd5.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  481fea13c4c82c88481dddf78381c02bbef71e77dd6dac682ea655e0f2e84bd5
- Size
  
  196KB
- MD5
  
  9192fddc0e7fa530509020049c3d473b
- SHA1
  
  104a72ee7361c5251aae589dc65a7ff3b30d46c1
- SHA256
  
  481fea13c4c82c88481dddf78381c02bbef71e77dd6dac682ea655e0f2e84bd5
- SHA512
  
  8245f491a483749327ef65e51ad6a83eae70fd93a0597eb577b06ddd65e42635b0fde8fb20d5784e239f36e0ea2e61cb99fb01af4e12035dd2bb798e51cbba9a
- SSDEEP
  
  3072:v4fYMLMywuzsMd85hkL48cO5hAN1kTwFikAJzongByoweEli/PkF4x:JMLPsMZL488/QwckAJUn/
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy