smokeloader | d8f502eb8a491652dfb8a3d9f13539942c7f2f7299712391d1f7dc57ad327351 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

d8f502eb8a491652dfb8a3d9f13539942c7f2f7299712391d1f7dc57ad327351
Size

146KB
Sample

221006-bq3r7sgaf9
MD5

70cd9984282f035e910cfc90be4e436b
SHA1

c8c17df7bc1cff80069f6fc804bb1a5feff737a4
SHA256

d8f502eb8a491652dfb8a3d9f13539942c7f2f7299712391d1f7dc57ad327351
SHA512

b6908f44d1f0a2b8c67561208e790d3e4f8128b6bfc169faed089b69723eda5fd5ef70700d5558b615316e53732a98ad67fb13bdaa89b83c8d8e798be16762bd
SSDEEP

3072:AF5yi+yOhf4wdMdvYVGaJQO797LDdYsO:Ok5rKaJQqZLR

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d8f502eb8a491652dfb8a3d9f13539942c7f2f7299712391d1f7dc57ad327351.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  d8f502eb8a491652dfb8a3d9f13539942c7f2f7299712391d1f7dc57ad327351
- Size
  
  146KB
- MD5
  
  70cd9984282f035e910cfc90be4e436b
- SHA1
  
  c8c17df7bc1cff80069f6fc804bb1a5feff737a4
- SHA256
  
  d8f502eb8a491652dfb8a3d9f13539942c7f2f7299712391d1f7dc57ad327351
- SHA512
  
  b6908f44d1f0a2b8c67561208e790d3e4f8128b6bfc169faed089b69723eda5fd5ef70700d5558b615316e53732a98ad67fb13bdaa89b83c8d8e798be16762bd
- SSDEEP
  
  3072:AF5yi+yOhf4wdMdvYVGaJQO797LDdYsO:Ok5rKaJQqZLR
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy