smokeloader | 56237f363cb7c66dd673f49679dbed326d103fc3050e808585c26ebbddd224f1 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

56237f363cb7c66dd673f49679dbed326d103fc3050e808585c26ebbddd224f1
Size

321KB
Sample

221102-fapb4aaagn
MD5

ea190cd3fa32100df8adec493217644d
SHA1

c34e0413a8a10e050d662c2e5d073a8077216a15
SHA256

56237f363cb7c66dd673f49679dbed326d103fc3050e808585c26ebbddd224f1
SHA512

6e8276e0bef1ac034758e0295c5b17422ab5cbd3a071e2f691ef29dc31a41e8f7b09c9f0e5f89dabe97a219155b72326805e4e184d44e4d84e932d5a22e7c1b3
SSDEEP

3072:vy8Vkho85Gdsc59UCasGV03YU59Tj79/zqkrhsx99mADDXhejVggjcGkNIVqI8:K8VU5GOsUAGVgYS9r1z989HjW7ITsqF

Score

10^/10

smokeloader backdoor discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

56237f363cb7c66dd673f49679dbed326d103fc3050e808585c26ebbddd224f1.exe

Resource

win10v2004-20220812-en

smokeloader backdoor discovery trojan

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  56237f363cb7c66dd673f49679dbed326d103fc3050e808585c26ebbddd224f1
- Size
  
  321KB
- MD5
  
  ea190cd3fa32100df8adec493217644d
- SHA1
  
  c34e0413a8a10e050d662c2e5d073a8077216a15
- SHA256
  
  56237f363cb7c66dd673f49679dbed326d103fc3050e808585c26ebbddd224f1
- SHA512
  
  6e8276e0bef1ac034758e0295c5b17422ab5cbd3a071e2f691ef29dc31a41e8f7b09c9f0e5f89dabe97a219155b72326805e4e184d44e4d84e932d5a22e7c1b3
- SSDEEP
  
  3072:vy8Vkho85Gdsc59UCasGV03YU59Tj79/zqkrhsx99mADDXhejVggjcGkNIVqI8:K8VU5GOsUAGVgYS9r1z989HjW7ITsqF
Score

10^/10

smokeloader backdoor discovery trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

© 2018-2025

Terms | Privacy