smokeloader | 79d08dccf19acbba04ee47a077bedb496ee8619572f413f76ad0f725bee14acf | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

79d08dccf19acbba04ee47a077bedb496ee8619572f413f76ad0f725bee14acf
Size

133KB
Sample

221003-hmrdbscaf3
MD5

29b7db2d6ded8be1748d13aa93f88c09
SHA1

de37a92371c082729e5fc3418df9f32deec8e4c1
SHA256

79d08dccf19acbba04ee47a077bedb496ee8619572f413f76ad0f725bee14acf
SHA512

b7d92bd30bb2aee990b6a41ac8838fb23480d56327f7965c079277bd934bcf9ba063d33281d821b9a6f96669d6b5451a57051dff25dd9d4d45bc2a4cb69a7ce6
SSDEEP

3072:aCoL9pORH8xlvgt0Rz6AMv68k57Nt3Kfsi:c68LoZAz8oNk

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

79d08dccf19acbba04ee47a077bedb496ee8619572f413f76ad0f725bee14acf.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  79d08dccf19acbba04ee47a077bedb496ee8619572f413f76ad0f725bee14acf
- Size
  
  133KB
- MD5
  
  29b7db2d6ded8be1748d13aa93f88c09
- SHA1
  
  de37a92371c082729e5fc3418df9f32deec8e4c1
- SHA256
  
  79d08dccf19acbba04ee47a077bedb496ee8619572f413f76ad0f725bee14acf
- SHA512
  
  b7d92bd30bb2aee990b6a41ac8838fb23480d56327f7965c079277bd934bcf9ba063d33281d821b9a6f96669d6b5451a57051dff25dd9d4d45bc2a4cb69a7ce6
- SSDEEP
  
  3072:aCoL9pORH8xlvgt0Rz6AMv68k57Nt3Kfsi:c68LoZAz8oNk
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy