smokeloader | d1650e121d7a6ca34fd7b097e031985e63a72bd38b3abb16c5bf96dbd2edd9cc | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

d1650e121d7a6ca34fd7b097e031985e63a72bd38b3abb16c5bf96dbd2edd9cc
Size

271KB
Sample

221005-2vrhvafhb6
MD5

2b0b118f09aec0b9880a0d179628cb7c
SHA1

4a89fe0ecf590e0d86d5fa803baec9989e0acd9e
SHA256

d1650e121d7a6ca34fd7b097e031985e63a72bd38b3abb16c5bf96dbd2edd9cc
SHA512

17a36d6bcea00b984913ae1130c9b482258e40ec67891f2792a73bf6c5a3d48dbcb720141ba34fa6f127af0e52aa360589757bad6a62fb27227245fc88765e8f
SSDEEP

6144:a4/W8BLeSmOdLFaB74MRuzbgwuXkRpEwVfUPk:a4tKSmIaB7ZunnwkRpMc

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d1650e121d7a6ca34fd7b097e031985e63a72bd38b3abb16c5bf96dbd2edd9cc.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  d1650e121d7a6ca34fd7b097e031985e63a72bd38b3abb16c5bf96dbd2edd9cc
- Size
  
  271KB
- MD5
  
  2b0b118f09aec0b9880a0d179628cb7c
- SHA1
  
  4a89fe0ecf590e0d86d5fa803baec9989e0acd9e
- SHA256
  
  d1650e121d7a6ca34fd7b097e031985e63a72bd38b3abb16c5bf96dbd2edd9cc
- SHA512
  
  17a36d6bcea00b984913ae1130c9b482258e40ec67891f2792a73bf6c5a3d48dbcb720141ba34fa6f127af0e52aa360589757bad6a62fb27227245fc88765e8f
- SSDEEP
  
  6144:a4/W8BLeSmOdLFaB74MRuzbgwuXkRpEwVfUPk:a4tKSmIaB7ZunnwkRpMc
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy