smokeloader | e39ac586f8c28e0fa10882065e8415359a0e84ed101e8198c4ed9fa32746c232 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

e39ac586f8c28e0fa10882065e8415359a0e84ed101e8198c4ed9fa32746c232
Size

197KB
Sample

220925-esls9adbf5
MD5

a8bc44e1425f4182feaede5d1d2870d1
SHA1

6ecb3222702b17b0d6431b9fbfd470ac4636cd54
SHA256

e39ac586f8c28e0fa10882065e8415359a0e84ed101e8198c4ed9fa32746c232
SHA512

870fc14ed2feadd99233bc30a83a432e23a62492a4afd9df47228aceebc74eec72936e2d734db1e6e5d5e4f0fc0cce9d493d93b7ad02845d6d77329af611544a
SSDEEP

3072:OhejokL528PJTN5XKBOSa4oNW3ytLpdPekc0BxnmXqdNz/PkkXx:YmLLPJc3yt3BcynV

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

e39ac586f8c28e0fa10882065e8415359a0e84ed101e8198c4ed9fa32746c232.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e39ac586f8c28e0fa10882065e8415359a0e84ed101e8198c4ed9fa32746c232
- Size
  
  197KB
- MD5
  
  a8bc44e1425f4182feaede5d1d2870d1
- SHA1
  
  6ecb3222702b17b0d6431b9fbfd470ac4636cd54
- SHA256
  
  e39ac586f8c28e0fa10882065e8415359a0e84ed101e8198c4ed9fa32746c232
- SHA512
  
  870fc14ed2feadd99233bc30a83a432e23a62492a4afd9df47228aceebc74eec72936e2d734db1e6e5d5e4f0fc0cce9d493d93b7ad02845d6d77329af611544a
- SSDEEP
  
  3072:OhejokL528PJTN5XKBOSa4oNW3ytLpdPekc0BxnmXqdNz/PkkXx:YmLLPJc3yt3BcynV
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy