smokeloader | d7ec22d8507fbb86e9e8e64289823fc644dfd288f72bb6e481f00e68a90046ff | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

d7ec22d8507fbb86e9e8e64289823fc644dfd288f72bb6e481f00e68a90046ff
Size

147KB
Sample

221005-3k618agber
MD5

11476edbf2adb575d589845f5e47bf8f
SHA1

fe7c2f767adccef80fe0839610877acbc222612b
SHA256

d7ec22d8507fbb86e9e8e64289823fc644dfd288f72bb6e481f00e68a90046ff
SHA512

028d68fec130c30455afaebd5b03617f16d0e28d232171943cca24f2e776e12b527b8c4c3e2c127567cd35f2b1a2232df12b42f0a8e103bb2c871c085769435b
SSDEEP

3072:ltRdQbHZhfz5SBJ+3nK66PtyTWOhbuIVU5IO:LkFSH+V6lkWmbN8I

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d7ec22d8507fbb86e9e8e64289823fc644dfd288f72bb6e481f00e68a90046ff.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  d7ec22d8507fbb86e9e8e64289823fc644dfd288f72bb6e481f00e68a90046ff
- Size
  
  147KB
- MD5
  
  11476edbf2adb575d589845f5e47bf8f
- SHA1
  
  fe7c2f767adccef80fe0839610877acbc222612b
- SHA256
  
  d7ec22d8507fbb86e9e8e64289823fc644dfd288f72bb6e481f00e68a90046ff
- SHA512
  
  028d68fec130c30455afaebd5b03617f16d0e28d232171943cca24f2e776e12b527b8c4c3e2c127567cd35f2b1a2232df12b42f0a8e103bb2c871c085769435b
- SSDEEP
  
  3072:ltRdQbHZhfz5SBJ+3nK66PtyTWOhbuIVU5IO:LkFSH+V6lkWmbN8I
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy