smokeloader | 6831e7524e305fea862ef2e472a47310bcee1b6383f837d1a36eb56ae0049611 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

6831e7524e305fea862ef2e472a47310bcee1b6383f837d1a36eb56ae0049611
Size

292KB
Sample

221104-j2xdkaddc3
MD5

e1ee04bbc9f607d61b0a614a4550c16d
SHA1

16fa1fc2669d4b629375213269a40dd254c3978f
SHA256

6831e7524e305fea862ef2e472a47310bcee1b6383f837d1a36eb56ae0049611
SHA512

4e0759f495aeee4916c1b228591287736b99293cfff52ee0ccedf88d9f15eb009327a0b5c5283da8344fddda68c3bad7d6ddc1c13091f2f017b7b10b9cf906db
SSDEEP

3072:9D9n6UpGbOLqMZUnru5r7VupJe0GZ8DnzvKmvGjwvXopVj7IC7C:+UpvLf6nrYpuu0GyjWmgGwV/IMC

Score

10^/10

smokeloader systembc backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6831e7524e305fea862ef2e472a47310bcee1b6383f837d1a36eb56ae0049611.exe

Resource

win10v2004-20220812-en

smokeloader systembc backdoor trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

systembc

C2

89.248.165.79:443

Targets

- Target
  
  6831e7524e305fea862ef2e472a47310bcee1b6383f837d1a36eb56ae0049611
- Size
  
  292KB
- MD5
  
  e1ee04bbc9f607d61b0a614a4550c16d
- SHA1
  
  16fa1fc2669d4b629375213269a40dd254c3978f
- SHA256
  
  6831e7524e305fea862ef2e472a47310bcee1b6383f837d1a36eb56ae0049611
- SHA512
  
  4e0759f495aeee4916c1b228591287736b99293cfff52ee0ccedf88d9f15eb009327a0b5c5283da8344fddda68c3bad7d6ddc1c13091f2f017b7b10b9cf906db
- SSDEEP
  
  3072:9D9n6UpGbOLqMZUnru5r7VupJe0GZ8DnzvKmvGjwvXopVj7IC7C:+UpvLf6nrYpuu0GyjWmgGwV/IMC
Score

10^/10

smokeloader systembc backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersystembcbackdoortrojan

© 2018-2024

Terms | Privacy