smokeloader | 6004c91235ec62d53b1b8b96b1148af696fc0e40ee81f0f7d4d81a46c82aa4e3 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

6004c91235ec62d53b1b8b96b1148af696fc0e40ee81f0f7d4d81a46c82aa4e3
Size

194KB
Sample

221020-1jrh2afffp
MD5

4c2b4c5a8deb589cd21814d23bbf27c0
SHA1

cbf684f2425f65ffad7888944bb44fbd5a86943e
SHA256

6004c91235ec62d53b1b8b96b1148af696fc0e40ee81f0f7d4d81a46c82aa4e3
SHA512

3bb3530c1ec8e765e23ac026569a3edc6f6734492e8d2e23fe06641707b370afa948690a71354b5502c76366105af357d07499bc43e833e550942f52ed51f5d9
SSDEEP

3072:XXm4jLKM7u6bA5xGteDYo7608WUC8qpSUuqVruObs0KXiyjpZ:HFjLNuKeTDYo76WUqpS1qZuOA0miy

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6004c91235ec62d53b1b8b96b1148af696fc0e40ee81f0f7d4d81a46c82aa4e3.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6004c91235ec62d53b1b8b96b1148af696fc0e40ee81f0f7d4d81a46c82aa4e3
- Size
  
  194KB
- MD5
  
  4c2b4c5a8deb589cd21814d23bbf27c0
- SHA1
  
  cbf684f2425f65ffad7888944bb44fbd5a86943e
- SHA256
  
  6004c91235ec62d53b1b8b96b1148af696fc0e40ee81f0f7d4d81a46c82aa4e3
- SHA512
  
  3bb3530c1ec8e765e23ac026569a3edc6f6734492e8d2e23fe06641707b370afa948690a71354b5502c76366105af357d07499bc43e833e550942f52ed51f5d9
- SSDEEP
  
  3072:XXm4jLKM7u6bA5xGteDYo7608WUC8qpSUuqVruObs0KXiyjpZ:HFjLNuKeTDYo76WUqpS1qZuOA0miy
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy