smokeloader | 7aae1772881141e1a4adf061ab466c21eed7e9cc59b04da5d17133c08f892ced | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

7aae1772881141e1a4adf061ab466c21eed7e9cc59b04da5d17133c08f892ced
Size

146KB
Sample

221006-e4fflsgch3
MD5

b3793271907b5d8a2d3cdc7fa666d393
SHA1

8c60cdeb1bab8555b0bf877ad949f0d33b3789cd
SHA256

7aae1772881141e1a4adf061ab466c21eed7e9cc59b04da5d17133c08f892ced
SHA512

48233e2f126075eda1f6f8f636692bed7de33d381032967403d340c0f2cae12c563332854f8e4dcd099d5b9a1044d6a7eefaebd98663c8a11c6a4b167d470019
SSDEEP

1536:+A2Yv2Ri+V/5PO++emkZMEPGnTLMOybCi+vJ1p5OUJ5tWgk2m+8FV3ZmCVUhUIOi:+A2Yya++4PGnTFybCnrz3G2m+Ym6JIO

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

7aae1772881141e1a4adf061ab466c21eed7e9cc59b04da5d17133c08f892ced.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  7aae1772881141e1a4adf061ab466c21eed7e9cc59b04da5d17133c08f892ced
- Size
  
  146KB
- MD5
  
  b3793271907b5d8a2d3cdc7fa666d393
- SHA1
  
  8c60cdeb1bab8555b0bf877ad949f0d33b3789cd
- SHA256
  
  7aae1772881141e1a4adf061ab466c21eed7e9cc59b04da5d17133c08f892ced
- SHA512
  
  48233e2f126075eda1f6f8f636692bed7de33d381032967403d340c0f2cae12c563332854f8e4dcd099d5b9a1044d6a7eefaebd98663c8a11c6a4b167d470019
- SSDEEP
  
  1536:+A2Yv2Ri+V/5PO++emkZMEPGnTLMOybCi+vJ1p5OUJ5tWgk2m+8FV3ZmCVUhUIOi:+A2Yya++4PGnTFybCnrz3G2m+Ym6JIO
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy