smokeloader | e15f9e0b0236b8d07fd4386c9a10ffc03da5a53d7a24fab47de3d85890b335a2 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

e15f9e0b0236b8d07fd4386c9a10ffc03da5a53d7a24fab47de3d85890b335a2
Size

133KB
Sample

221002-ws29nsfdc5
MD5

38e838a63d7f1f21339707c3ccd7df72
SHA1

551503a13a776b75e57549d82db5065a2948b890
SHA256

e15f9e0b0236b8d07fd4386c9a10ffc03da5a53d7a24fab47de3d85890b335a2
SHA512

10a79e838b7ab6f0f4a0c38fde545d57a18deedcbcfdbfd565743b2f120292acad488cf0a658a0b07dd27626c46ed3b1116a338527a191e30dae0b3676fa49c7
SSDEEP

3072:NgZePORO9QFX0cjlVRg1EIavvGlVblBNY7PAsnUCyG:BT9g0GsaWl08sNy

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

e15f9e0b0236b8d07fd4386c9a10ffc03da5a53d7a24fab47de3d85890b335a2.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  e15f9e0b0236b8d07fd4386c9a10ffc03da5a53d7a24fab47de3d85890b335a2
- Size
  
  133KB
- MD5
  
  38e838a63d7f1f21339707c3ccd7df72
- SHA1
  
  551503a13a776b75e57549d82db5065a2948b890
- SHA256
  
  e15f9e0b0236b8d07fd4386c9a10ffc03da5a53d7a24fab47de3d85890b335a2
- SHA512
  
  10a79e838b7ab6f0f4a0c38fde545d57a18deedcbcfdbfd565743b2f120292acad488cf0a658a0b07dd27626c46ed3b1116a338527a191e30dae0b3676fa49c7
- SSDEEP
  
  3072:NgZePORO9QFX0cjlVRg1EIavvGlVblBNY7PAsnUCyG:BT9g0GsaWl08sNy
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy