smokeloader | 583849669afc93ab0413b76cae28b41d31ddda7bb99cd3e19b07ae96becdcbc1 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

583849669afc93ab0413b76cae28b41d31ddda7bb99cd3e19b07ae96becdcbc1
Size

141KB
Sample

220930-w8gmxafdcj
MD5

507c352cbdd0a18d9eed4f3e22a3a1bd
SHA1

7098f941d634726377ea3b92712beb60e31a5bf5
SHA256

583849669afc93ab0413b76cae28b41d31ddda7bb99cd3e19b07ae96becdcbc1
SHA512

ff3ba59a1cc4bb78baa4c032acfd1f2d0276d53c6e74de58f7389b43e51245284e08b89ba1cd22d9da397bf71f6e19e8989555f6c131043d4d83d6987323b377
SSDEEP

3072:O6OUCktLGR0KKcDDXiutiAR/qGv9TB2mR03VmbLCglKiGK:DtjR1AqGv9TYYamnPlJ

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

583849669afc93ab0413b76cae28b41d31ddda7bb99cd3e19b07ae96becdcbc1.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  583849669afc93ab0413b76cae28b41d31ddda7bb99cd3e19b07ae96becdcbc1
- Size
  
  141KB
- MD5
  
  507c352cbdd0a18d9eed4f3e22a3a1bd
- SHA1
  
  7098f941d634726377ea3b92712beb60e31a5bf5
- SHA256
  
  583849669afc93ab0413b76cae28b41d31ddda7bb99cd3e19b07ae96becdcbc1
- SHA512
  
  ff3ba59a1cc4bb78baa4c032acfd1f2d0276d53c6e74de58f7389b43e51245284e08b89ba1cd22d9da397bf71f6e19e8989555f6c131043d4d83d6987323b377
- SSDEEP
  
  3072:O6OUCktLGR0KKcDDXiutiAR/qGv9TB2mR03VmbLCglKiGK:DtjR1AqGv9TYYamnPlJ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy