smokeloader | d708477f7f731143c5acdcd60e8a477bb9752ff880570680acc5d5c9c3f02028 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

d708477f7f731143c5acdcd60e8a477bb9752ff880570680acc5d5c9c3f02028
Size

272KB
Sample

221005-wl5ffsfba3
MD5

cdf06cc9bdb740ab0ab90e2b51ca4c16
SHA1

a38b7bfcb4e3e40a56aefaa7bad5b8feb2c73ce9
SHA256

d708477f7f731143c5acdcd60e8a477bb9752ff880570680acc5d5c9c3f02028
SHA512

949e08dc58dbb7fec834ed574adb3105e8ddb811fd8d7bb9f983c210925feb18883be06d72f8cf3f15597191429b17a4f948fd680a168aeb1adfa7f48b761554
SSDEEP

6144:NCjRYMLGpuyq1JOfkpBuzbgwuBTsOwVfU4:N3M6puyq6iunnvO4

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d708477f7f731143c5acdcd60e8a477bb9752ff880570680acc5d5c9c3f02028.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  d708477f7f731143c5acdcd60e8a477bb9752ff880570680acc5d5c9c3f02028
- Size
  
  272KB
- MD5
  
  cdf06cc9bdb740ab0ab90e2b51ca4c16
- SHA1
  
  a38b7bfcb4e3e40a56aefaa7bad5b8feb2c73ce9
- SHA256
  
  d708477f7f731143c5acdcd60e8a477bb9752ff880570680acc5d5c9c3f02028
- SHA512
  
  949e08dc58dbb7fec834ed574adb3105e8ddb811fd8d7bb9f983c210925feb18883be06d72f8cf3f15597191429b17a4f948fd680a168aeb1adfa7f48b761554
- SSDEEP
  
  6144:NCjRYMLGpuyq1JOfkpBuzbgwuBTsOwVfU4:N3M6puyq6iunnvO4
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy