smokeloader | 2abcc174d78beca4bbfd1778e481d05a43de8e73dc980a53bf9fe2af19500c7b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

2abcc174d78beca4bbfd1778e481d05a43de8e73dc980a53bf9fe2af19500c7b
Size

217KB
Sample

221017-yl8h8adbbq
MD5

621c51fb9f8c378d6c6274d460bfdb05
SHA1

d7b4c0bef5ef5f5ef69165d5265d9e34aeb3d4fd
SHA256

2abcc174d78beca4bbfd1778e481d05a43de8e73dc980a53bf9fe2af19500c7b
SHA512

70532fe15fba466629ec44e9da544b706913520a5809cf15674a49a2418ee1159ce0c4477f1869c0cabc4e93732e200fd3f61d46b5b6bf28725e361079594642
SSDEEP

3072:jvAMHwy1mnbaYLXlwL5v2uaKTKPCF4LYgZRFolktFew53xkSP:jIMBGaECL5vzaKqautFew52S

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

2abcc174d78beca4bbfd1778e481d05a43de8e73dc980a53bf9fe2af19500c7b.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2abcc174d78beca4bbfd1778e481d05a43de8e73dc980a53bf9fe2af19500c7b
- Size
  
  217KB
- MD5
  
  621c51fb9f8c378d6c6274d460bfdb05
- SHA1
  
  d7b4c0bef5ef5f5ef69165d5265d9e34aeb3d4fd
- SHA256
  
  2abcc174d78beca4bbfd1778e481d05a43de8e73dc980a53bf9fe2af19500c7b
- SHA512
  
  70532fe15fba466629ec44e9da544b706913520a5809cf15674a49a2418ee1159ce0c4477f1869c0cabc4e93732e200fd3f61d46b5b6bf28725e361079594642
- SSDEEP
  
  3072:jvAMHwy1mnbaYLXlwL5v2uaKTKPCF4LYgZRFolktFew53xkSP:jIMBGaECL5vzaKqautFew52S
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy