smokeloader | 0c9a1a9277f1dacfe48cd81efae6646270d1f139d4e63d8bfb2ee667c00b0e1d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

0c9a1a9277f1dacfe48cd81efae6646270d1f139d4e63d8bfb2ee667c00b0e1d
Size

265KB
Sample

221004-k9lsgaafgn
MD5

93025e24b06b02a21f4627cdd600e284
SHA1

19cdc5ae67f992b039c8c52268fc13bba9c23330
SHA256

0c9a1a9277f1dacfe48cd81efae6646270d1f139d4e63d8bfb2ee667c00b0e1d
SHA512

8df492edd395cf054b269fc8aae7aa14c18cf83cb53f4e0422294eac32d2f49f705a58914aa096be64f46f3dc6e6dafd8c4a0d1cd69c7c09fe1f38b0c9bdbdff
SSDEEP

6144:a1YGLuN9+ztduW7pwocqljw1uzbgwuEvvwwVfE:a16j+zvuW7pwfm6unn73A

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

0c9a1a9277f1dacfe48cd81efae6646270d1f139d4e63d8bfb2ee667c00b0e1d.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  0c9a1a9277f1dacfe48cd81efae6646270d1f139d4e63d8bfb2ee667c00b0e1d
- Size
  
  265KB
- MD5
  
  93025e24b06b02a21f4627cdd600e284
- SHA1
  
  19cdc5ae67f992b039c8c52268fc13bba9c23330
- SHA256
  
  0c9a1a9277f1dacfe48cd81efae6646270d1f139d4e63d8bfb2ee667c00b0e1d
- SHA512
  
  8df492edd395cf054b269fc8aae7aa14c18cf83cb53f4e0422294eac32d2f49f705a58914aa096be64f46f3dc6e6dafd8c4a0d1cd69c7c09fe1f38b0c9bdbdff
- SSDEEP
  
  6144:a1YGLuN9+ztduW7pwocqljw1uzbgwuEvvwwVfE:a16j+zvuW7pwfm6unn73A
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy