smokeloader | b2e3044bb3d2c1fbc230806a1f12b34e13ef08f892a1a57050db293b97ba4f6e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b2e3044bb3d2c1fbc230806a1f12b34e13ef08f892a1a57050db293b97ba4f6e
Size

327KB
Sample

220928-e74mlsgber
MD5

e1964dd4cf9c96147424db122a1b81e3
SHA1

e6d4555f0ce752884f320ad9dd5d87c19ec2778c
SHA256

b2e3044bb3d2c1fbc230806a1f12b34e13ef08f892a1a57050db293b97ba4f6e
SHA512

619d0c978f71fcf0115e1a8748fca45b3b22416ae52070c828c61079e552686ab153d1d7ff869f399a51504047b24ca391cfc433d239fa28f6aca500563ee2cd
SSDEEP

6144:zs976VYiyJ0GY+tsJY7gxRUE0dnnigabwVfs:zs9u3yqF+2JYiedniB

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

b2e3044bb3d2c1fbc230806a1f12b34e13ef08f892a1a57050db293b97ba4f6e.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b2e3044bb3d2c1fbc230806a1f12b34e13ef08f892a1a57050db293b97ba4f6e
- Size
  
  327KB
- MD5
  
  e1964dd4cf9c96147424db122a1b81e3
- SHA1
  
  e6d4555f0ce752884f320ad9dd5d87c19ec2778c
- SHA256
  
  b2e3044bb3d2c1fbc230806a1f12b34e13ef08f892a1a57050db293b97ba4f6e
- SHA512
  
  619d0c978f71fcf0115e1a8748fca45b3b22416ae52070c828c61079e552686ab153d1d7ff869f399a51504047b24ca391cfc433d239fa28f6aca500563ee2cd
- SSDEEP
  
  6144:zs976VYiyJ0GY+tsJY7gxRUE0dnnigabwVfs:zs9u3yqF+2JYiedniB
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy