smokeloader | 1794ebd9405dc74be402376bb6426024da1097c1e402bd47e7eb2985c5592c34 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

1794ebd9405dc74be402376bb6426024da1097c1e402bd47e7eb2985c5592c34
Size

270KB
Sample

221009-s3ve2ahbc8
MD5

21bd2ca5f2bab3ac4eb4749be3815ecc
SHA1

f9b385ce3943399bac49c2078753f7e6ce2c4026
SHA256

1794ebd9405dc74be402376bb6426024da1097c1e402bd47e7eb2985c5592c34
SHA512

7c36fb7d825c38f4eccc15fe5f59e983c841101ccc775f5213fb9988c009cb2426996adac93972c1a99fb576edc2448450f563679885772537b967a1661f7c95
SSDEEP

6144:J1gZDm6p2agnExgMGnqtHpGNArwVfquS:IZR2Nn0GqhpGNAd

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

1794ebd9405dc74be402376bb6426024da1097c1e402bd47e7eb2985c5592c34.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  1794ebd9405dc74be402376bb6426024da1097c1e402bd47e7eb2985c5592c34
- Size
  
  270KB
- MD5
  
  21bd2ca5f2bab3ac4eb4749be3815ecc
- SHA1
  
  f9b385ce3943399bac49c2078753f7e6ce2c4026
- SHA256
  
  1794ebd9405dc74be402376bb6426024da1097c1e402bd47e7eb2985c5592c34
- SHA512
  
  7c36fb7d825c38f4eccc15fe5f59e983c841101ccc775f5213fb9988c009cb2426996adac93972c1a99fb576edc2448450f563679885772537b967a1661f7c95
- SSDEEP
  
  6144:J1gZDm6p2agnExgMGnqtHpGNArwVfquS:IZR2Nn0GqhpGNAd
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy