smokeloader | d5241af9dd7e7fe48fc043b520f3366a806269d869d9add684bcb37d2582b1ad | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

d5241af9dd7e7fe48fc043b520f3366a806269d869d9add684bcb37d2582b1ad
Size

209KB
Sample

221031-x15kfaccc5
MD5

0429ffc783c6c4e2897966e485bdf9a3
SHA1

04aa9bb13bbd3f47b37ad38cdf289ab1127d1323
SHA256

d5241af9dd7e7fe48fc043b520f3366a806269d869d9add684bcb37d2582b1ad
SHA512

995b9d0c69607f12490f5ea23a863c303a87cbb4bab9bbe3326f7f1e0cd10c797e9fd825ef4d6b5c23924427286142ce94198b8fd0e3b397168af875d24eca07
SSDEEP

3072:C/OIaP6Z+NuX0LhfWcq5zNm6Ao7Ex5D+XjhumpktHm5I2txtfsXx:C/E6wNukLhfUNDAo7EmzkmpWHMpvtk

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d5241af9dd7e7fe48fc043b520f3366a806269d869d9add684bcb37d2582b1ad.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  d5241af9dd7e7fe48fc043b520f3366a806269d869d9add684bcb37d2582b1ad
- Size
  
  209KB
- MD5
  
  0429ffc783c6c4e2897966e485bdf9a3
- SHA1
  
  04aa9bb13bbd3f47b37ad38cdf289ab1127d1323
- SHA256
  
  d5241af9dd7e7fe48fc043b520f3366a806269d869d9add684bcb37d2582b1ad
- SHA512
  
  995b9d0c69607f12490f5ea23a863c303a87cbb4bab9bbe3326f7f1e0cd10c797e9fd825ef4d6b5c23924427286142ce94198b8fd0e3b397168af875d24eca07
- SSDEEP
  
  3072:C/OIaP6Z+NuX0LhfWcq5zNm6Ao7Ex5D+XjhumpktHm5I2txtfsXx:C/E6wNukLhfUNDAo7EmzkmpWHMpvtk
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy