smokeloader | 4a161f494bb109e9b5a0018d5ffacaea48e22b2d544c6712b176bd8cc008a9e2 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

4a161f494bb109e9b5a0018d5ffacaea48e22b2d544c6712b176bd8cc008a9e2
Size

133KB
Sample

221003-hjlcxabhc2
MD5

7e34392536b8500dae46a112f635e551
SHA1

c5e1ce8fd89d8a0c5bf9df36cc7d96723f108f49
SHA256

4a161f494bb109e9b5a0018d5ffacaea48e22b2d544c6712b176bd8cc008a9e2
SHA512

cc3a74c0e9274fed346aaf876e0b40c2eb4758aee9650e306d7a40b81dabbab967fcbb79d487454323c0e6d8c18f3f290e30dce6f307d66db6e3f20aa874d9a9
SSDEEP

3072:wXlkOR8sNOsNqPUDC2wnB3/pgMbymCeD:QNOsoP+C/B3h/b+

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

4a161f494bb109e9b5a0018d5ffacaea48e22b2d544c6712b176bd8cc008a9e2.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  4a161f494bb109e9b5a0018d5ffacaea48e22b2d544c6712b176bd8cc008a9e2
- Size
  
  133KB
- MD5
  
  7e34392536b8500dae46a112f635e551
- SHA1
  
  c5e1ce8fd89d8a0c5bf9df36cc7d96723f108f49
- SHA256
  
  4a161f494bb109e9b5a0018d5ffacaea48e22b2d544c6712b176bd8cc008a9e2
- SHA512
  
  cc3a74c0e9274fed346aaf876e0b40c2eb4758aee9650e306d7a40b81dabbab967fcbb79d487454323c0e6d8c18f3f290e30dce6f307d66db6e3f20aa874d9a9
- SSDEEP
  
  3072:wXlkOR8sNOsNqPUDC2wnB3/pgMbymCeD:QNOsoP+C/B3h/b+
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy