smokeloader | 54473b6b1a8988ebd3e2f75c99f1adc93d8b0dcefdbd854a50e5a28a7f2a7416 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

54473b6b1a8988ebd3e2f75c99f1adc93d8b0dcefdbd854a50e5a28a7f2a7416
Size

285KB
Sample

221030-g46znsgebq
MD5

54fd79edbe4605ef43bee7031863a48b
SHA1

c8c24a0fe7921497656fdaab886e074c2175aff6
SHA256

54473b6b1a8988ebd3e2f75c99f1adc93d8b0dcefdbd854a50e5a28a7f2a7416
SHA512

ed19805bdc2671f48e21f639596ed1ec1ad458e4b8d1808f17e7cebb788790c1379d2534b07e6576616dcdb71db52f293a97be3a92f777a82d5fceb99c76317b
SSDEEP

6144:4VUnvjLkJfbCbtu8+Vj5tvgPUfn1od5qI/01q:KUn7IMU8+3tvgPUf1S01q

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

54473b6b1a8988ebd3e2f75c99f1adc93d8b0dcefdbd854a50e5a28a7f2a7416.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  54473b6b1a8988ebd3e2f75c99f1adc93d8b0dcefdbd854a50e5a28a7f2a7416
- Size
  
  285KB
- MD5
  
  54fd79edbe4605ef43bee7031863a48b
- SHA1
  
  c8c24a0fe7921497656fdaab886e074c2175aff6
- SHA256
  
  54473b6b1a8988ebd3e2f75c99f1adc93d8b0dcefdbd854a50e5a28a7f2a7416
- SHA512
  
  ed19805bdc2671f48e21f639596ed1ec1ad458e4b8d1808f17e7cebb788790c1379d2534b07e6576616dcdb71db52f293a97be3a92f777a82d5fceb99c76317b
- SSDEEP
  
  6144:4VUnvjLkJfbCbtu8+Vj5tvgPUfn1od5qI/01q:KUn7IMU8+3tvgPUf1S01q
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy