smokeloader | cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
Size

261KB
Sample

221028-pbdresfdh4
MD5

cb51e4547acf43d8e5bc7bc9558002f7
SHA1

98bb8c78391a05cc6455fa3ed99109209d40177e
SHA256

cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
SHA512

2c1bfa4e5b641301fdcee8f8c4e18ab6d68b1f4db74b58f40733c76c7ca2b150fa28f1ac50e217080fae927e82a77342a49f4dedd34b954b9c89075cae10239d
SSDEEP

3072:HXOEdHMvLUSAw/b6G0mj5etF07MMLP7EKWXm7E5dn0yZTcm3MT7oM/h3l:3bH6LUabl0RtHM8vZdnz4m307o

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
- Size
  
  261KB
- MD5
  
  cb51e4547acf43d8e5bc7bc9558002f7
- SHA1
  
  98bb8c78391a05cc6455fa3ed99109209d40177e
- SHA256
  
  cb68cd43767b594bc87e977443c0a47bf17fafcf4ece55c90fe4c442c7afcef8
- SHA512
  
  2c1bfa4e5b641301fdcee8f8c4e18ab6d68b1f4db74b58f40733c76c7ca2b150fa28f1ac50e217080fae927e82a77342a49f4dedd34b954b9c89075cae10239d
- SSDEEP
  
  3072:HXOEdHMvLUSAw/b6G0mj5etF07MMLP7EKWXm7E5dn0yZTcm3MT7oM/h3l:3bH6LUabl0RtHM8vZdnz4m307o
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy