smokeloader | 10580328882ee7253800375bf787c2b430a2cf5322758f56b3f784d0ca37aa06 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

10580328882ee7253800375bf787c2b430a2cf5322758f56b3f784d0ca37aa06
Size

146KB
Sample

221006-c4czdagbe4
MD5

d68ddbdfb6a0ac9c04173b90206d3602
SHA1

6e6501defdfae791d5b832031576c800c9d60f9d
SHA256

10580328882ee7253800375bf787c2b430a2cf5322758f56b3f784d0ca37aa06
SHA512

b250c8ac4af07f88659d2a6473f6a4b6c6cb78f9d869d9e40630609e988e695d22e34c1a6ca3b7a9b0aee982090b2320b461165ba3cacaccf5e85b1cd7b87831
SSDEEP

3072:6GCeWFhfDTMCNpOC1Cg4cf0+MKlI+uvqZmJ8mO:z2zzpLCgt8+MKxSeS8m

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

10580328882ee7253800375bf787c2b430a2cf5322758f56b3f784d0ca37aa06.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  10580328882ee7253800375bf787c2b430a2cf5322758f56b3f784d0ca37aa06
- Size
  
  146KB
- MD5
  
  d68ddbdfb6a0ac9c04173b90206d3602
- SHA1
  
  6e6501defdfae791d5b832031576c800c9d60f9d
- SHA256
  
  10580328882ee7253800375bf787c2b430a2cf5322758f56b3f784d0ca37aa06
- SHA512
  
  b250c8ac4af07f88659d2a6473f6a4b6c6cb78f9d869d9e40630609e988e695d22e34c1a6ca3b7a9b0aee982090b2320b461165ba3cacaccf5e85b1cd7b87831
- SSDEEP
  
  3072:6GCeWFhfDTMCNpOC1Cg4cf0+MKlI+uvqZmJ8mO:z2zzpLCgt8+MKxSeS8m
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy