smokeloader | 7c348e6d3889890ed020e19050b7bc3dbc15b0ccb649de3e2f23ffbb145f5501 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

7c348e6d3889890ed020e19050b7bc3dbc15b0ccb649de3e2f23ffbb145f5501
Size

254KB
Sample

221025-waltzaddbn
MD5

4286b78589831dc62f33997334480313
SHA1

e4350620580de6e34448aab963dc1291326940af
SHA256

7c348e6d3889890ed020e19050b7bc3dbc15b0ccb649de3e2f23ffbb145f5501
SHA512

b2800728e1aa775769eaf9a5643ea1c37f2977b41f15f972dd21e9084be1ffefe61e8df1a084d29c1849cc5ccd33ab7d47238ce7bdb6574997ceb3312f8ebe3e
SSDEEP

6144:1GYkLhWRquMGcpdazMy8DD44mTe56dupGQ:1a9WRquMGcxyk44GdcpGQ

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

7c348e6d3889890ed020e19050b7bc3dbc15b0ccb649de3e2f23ffbb145f5501.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  7c348e6d3889890ed020e19050b7bc3dbc15b0ccb649de3e2f23ffbb145f5501
- Size
  
  254KB
- MD5
  
  4286b78589831dc62f33997334480313
- SHA1
  
  e4350620580de6e34448aab963dc1291326940af
- SHA256
  
  7c348e6d3889890ed020e19050b7bc3dbc15b0ccb649de3e2f23ffbb145f5501
- SHA512
  
  b2800728e1aa775769eaf9a5643ea1c37f2977b41f15f972dd21e9084be1ffefe61e8df1a084d29c1849cc5ccd33ab7d47238ce7bdb6574997ceb3312f8ebe3e
- SSDEEP
  
  6144:1GYkLhWRquMGcpdazMy8DD44mTe56dupGQ:1a9WRquMGcxyk44GdcpGQ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy