smokeloader | 0b31c47626d81d44ce68154e0040397853266c6375fb5d1d0244aa2f447b5852 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

0b31c47626d81d44ce68154e0040397853266c6375fb5d1d0244aa2f447b5852
Size

145KB
Sample

221006-nr678shca9
MD5

58f3d619b4bceb1da37253110727f869
SHA1

01c1767b0d7dda34c7e768a06a920c6144f767ba
SHA256

0b31c47626d81d44ce68154e0040397853266c6375fb5d1d0244aa2f447b5852
SHA512

9ebf94ab2b017c90b55c1d3621eccc387ecf2a922e3cb45b89ac599f03efb1cfc189c3e9406743e0be593047e2fa96f22fa908b772817b274088f8ab4cb20cc8
SSDEEP

3072:d2kXU46vGB+mYkfSGo2Vp3Va2zJ7lr0Psr3KSEkO:AKWvER5To2N7lrP6c

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

0b31c47626d81d44ce68154e0040397853266c6375fb5d1d0244aa2f447b5852.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  0b31c47626d81d44ce68154e0040397853266c6375fb5d1d0244aa2f447b5852
- Size
  
  145KB
- MD5
  
  58f3d619b4bceb1da37253110727f869
- SHA1
  
  01c1767b0d7dda34c7e768a06a920c6144f767ba
- SHA256
  
  0b31c47626d81d44ce68154e0040397853266c6375fb5d1d0244aa2f447b5852
- SHA512
  
  9ebf94ab2b017c90b55c1d3621eccc387ecf2a922e3cb45b89ac599f03efb1cfc189c3e9406743e0be593047e2fa96f22fa908b772817b274088f8ab4cb20cc8
- SSDEEP
  
  3072:d2kXU46vGB+mYkfSGo2Vp3Va2zJ7lr0Psr3KSEkO:AKWvER5To2N7lrP6c
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy