smokeloader | 5b8b64c570e91d014d876d61c15a793eb46fe42c50f037113437c62aaea015e8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

5b8b64c570e91d014d876d61c15a793eb46fe42c50f037113437c62aaea015e8
Size

265KB
Sample

221004-3m6hgadbgn
MD5

e704a20dd55f35e12e7aad186f1f3bc1
SHA1

505f5f855bc92097413ccbf44b605287e8ca5aa7
SHA256

5b8b64c570e91d014d876d61c15a793eb46fe42c50f037113437c62aaea015e8
SHA512

57d0ba5688ebf831ff5ca984dadd765c8d3bba2f0670c2d3853f5ff41c667a7d515c9ab4acc6d4e7c4eb0efdafe76d3681681e1a7c8e25c56ea0dedd4a8dee26
SSDEEP

6144:8fWLwCwTJKBUf2sOG2IuzbgwuJz8GwVf:8uU3TYBUes/unnc

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

5b8b64c570e91d014d876d61c15a793eb46fe42c50f037113437c62aaea015e8.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  5b8b64c570e91d014d876d61c15a793eb46fe42c50f037113437c62aaea015e8
- Size
  
  265KB
- MD5
  
  e704a20dd55f35e12e7aad186f1f3bc1
- SHA1
  
  505f5f855bc92097413ccbf44b605287e8ca5aa7
- SHA256
  
  5b8b64c570e91d014d876d61c15a793eb46fe42c50f037113437c62aaea015e8
- SHA512
  
  57d0ba5688ebf831ff5ca984dadd765c8d3bba2f0670c2d3853f5ff41c667a7d515c9ab4acc6d4e7c4eb0efdafe76d3681681e1a7c8e25c56ea0dedd4a8dee26
- SSDEEP
  
  6144:8fWLwCwTJKBUf2sOG2IuzbgwuJz8GwVf:8uU3TYBUes/unnc
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy