smokeloader | a872200655c2fc805838bdee6587fcbfca1af171063de849a7ce7e7a72952a4c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

a872200655c2fc805838bdee6587fcbfca1af171063de849a7ce7e7a72952a4c
Size

291KB
Sample

221104-j5lq8sfdcn
MD5

0465a11d3e918ea7f41bc7e8f6f94c6a
SHA1

e74c172ce9b9dc4ecba80dd6c6b69330b15854e4
SHA256

a872200655c2fc805838bdee6587fcbfca1af171063de849a7ce7e7a72952a4c
SHA512

bfc887fe61b720d4970fadd4feda0521c32133036d14fa92a5abf831bdf857ffe6a7cbac08023ff2ae1a24de2606d46d36c5dc83ea0c9749f34123a30dbc9cd2
SSDEEP

3072:H8t9p9ob5LWmOF/u5r4OGFkAoBLpWCWxJ2KyropUWkIVFe9fAIU:y9peFL9i/YxGFkGCkdAkFGjU

Score

10^/10

smokeloader systembc backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

a872200655c2fc805838bdee6587fcbfca1af171063de849a7ce7e7a72952a4c.exe

Resource

win10v2004-20220812-en

smokeloader systembc backdoor trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

systembc

C2

89.248.165.79:443

Targets

- Target
  
  a872200655c2fc805838bdee6587fcbfca1af171063de849a7ce7e7a72952a4c
- Size
  
  291KB
- MD5
  
  0465a11d3e918ea7f41bc7e8f6f94c6a
- SHA1
  
  e74c172ce9b9dc4ecba80dd6c6b69330b15854e4
- SHA256
  
  a872200655c2fc805838bdee6587fcbfca1af171063de849a7ce7e7a72952a4c
- SHA512
  
  bfc887fe61b720d4970fadd4feda0521c32133036d14fa92a5abf831bdf857ffe6a7cbac08023ff2ae1a24de2606d46d36c5dc83ea0c9749f34123a30dbc9cd2
- SSDEEP
  
  3072:H8t9p9ob5LWmOF/u5r4OGFkAoBLpWCWxJ2KyropUWkIVFe9fAIU:y9peFL9i/YxGFkGCkdAkFGjU
Score

10^/10

smokeloader systembc backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersystembcbackdoortrojan

© 2018-2024

Terms | Privacy