smokeloader | 97130a5e0fd1cfe3aaa5556f5d676608f73031932dfc999581578c2ec22ebe12 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

97130a5e0fd1cfe3aaa5556f5d676608f73031932dfc999581578c2ec22ebe12
Size

302KB
Sample

221104-y8xegaagd6
MD5

cbcf19603d596bbabf6921c24e36696f
SHA1

b176de678c6eac68d3366575ad2d888e61875418
SHA256

97130a5e0fd1cfe3aaa5556f5d676608f73031932dfc999581578c2ec22ebe12
SHA512

7f0fd2bec31def7a893a0e79d189fb33e32955ee6dd48f418fd2a0890b1ea64b91c9832be31ae7f9f53999580fc06ef3aaf17d54a57068e3d4ce86bcfb797d59
SSDEEP

3072:nWKTyb3g8fAT5Fi6bNs23w/ZCZ9HdjpTcE06a4en5:dTa2/Z3W2djpw8Y

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

97130a5e0fd1cfe3aaa5556f5d676608f73031932dfc999581578c2ec22ebe12.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  97130a5e0fd1cfe3aaa5556f5d676608f73031932dfc999581578c2ec22ebe12
- Size
  
  302KB
- MD5
  
  cbcf19603d596bbabf6921c24e36696f
- SHA1
  
  b176de678c6eac68d3366575ad2d888e61875418
- SHA256
  
  97130a5e0fd1cfe3aaa5556f5d676608f73031932dfc999581578c2ec22ebe12
- SHA512
  
  7f0fd2bec31def7a893a0e79d189fb33e32955ee6dd48f418fd2a0890b1ea64b91c9832be31ae7f9f53999580fc06ef3aaf17d54a57068e3d4ce86bcfb797d59
- SSDEEP
  
  3072:nWKTyb3g8fAT5Fi6bNs23w/ZCZ9HdjpTcE06a4en5:dTa2/Z3W2djpw8Y
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy