smokeloader | 0d327459f20d98e4d6d13420c08b629a556a14790297570c3aa41f36585315f8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

0d327459f20d98e4d6d13420c08b629a556a14790297570c3aa41f36585315f8
Size

255KB
Sample

221027-yg8cnadbg5
MD5

349053ea92dd0ff6e01efc31f349af7b
SHA1

9ec3b477d79564f622f5ae13ef9e84441380ff0f
SHA256

0d327459f20d98e4d6d13420c08b629a556a14790297570c3aa41f36585315f8
SHA512

ed193ac62f4db75c93f442ca2322aa95a43fc93f167c99419ebf86726428fc830abeca1a4339d3045f8adaf1e2fa207dab4de9fae43616991e04f452abffb756
SSDEEP

3072:WVXOOcqjGLxgosnq5zSMftMQkBpVg0HF+bEigxCbxB37K00Kv:kRcqiU0MQk/fHXKL7d0

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

0d327459f20d98e4d6d13420c08b629a556a14790297570c3aa41f36585315f8.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  0d327459f20d98e4d6d13420c08b629a556a14790297570c3aa41f36585315f8
- Size
  
  255KB
- MD5
  
  349053ea92dd0ff6e01efc31f349af7b
- SHA1
  
  9ec3b477d79564f622f5ae13ef9e84441380ff0f
- SHA256
  
  0d327459f20d98e4d6d13420c08b629a556a14790297570c3aa41f36585315f8
- SHA512
  
  ed193ac62f4db75c93f442ca2322aa95a43fc93f167c99419ebf86726428fc830abeca1a4339d3045f8adaf1e2fa207dab4de9fae43616991e04f452abffb756
- SSDEEP
  
  3072:WVXOOcqjGLxgosnq5zSMftMQkBpVg0HF+bEigxCbxB37K00Kv:kRcqiU0MQk/fHXKL7d0
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy