smokeloader | 1b0fd55f094821963a477b344116b1710a9e9a8b536321513ede6cf812c442e8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

1b0fd55f094821963a477b344116b1710a9e9a8b536321513ede6cf812c442e8
Size

285KB
Sample

221105-sqyxpaafcq
MD5

f526de6c51cf1993608007fb74cc7537
SHA1

06c3ff1ded6de234e55560540827a8b59ab9cfd6
SHA256

1b0fd55f094821963a477b344116b1710a9e9a8b536321513ede6cf812c442e8
SHA512

31788a0cfef556a8aa7f7248507a5ba670e1ae36a7b450dd9c3c4562d71d684de06386943509ee7e4a29c97a9623174d331c8bb1e15b5ed52af283297bebe1cb
SSDEEP

3072:TqdvxqiTZbrgg67lq65analtS7REPl1wHINMj71DPAsXek3cmBJ05BVZyF4zffBa:ujqQ2MZnuLPM6Mtcxko7VlzE

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

1b0fd55f094821963a477b344116b1710a9e9a8b536321513ede6cf812c442e8.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  1b0fd55f094821963a477b344116b1710a9e9a8b536321513ede6cf812c442e8
- Size
  
  285KB
- MD5
  
  f526de6c51cf1993608007fb74cc7537
- SHA1
  
  06c3ff1ded6de234e55560540827a8b59ab9cfd6
- SHA256
  
  1b0fd55f094821963a477b344116b1710a9e9a8b536321513ede6cf812c442e8
- SHA512
  
  31788a0cfef556a8aa7f7248507a5ba670e1ae36a7b450dd9c3c4562d71d684de06386943509ee7e4a29c97a9623174d331c8bb1e15b5ed52af283297bebe1cb
- SSDEEP
  
  3072:TqdvxqiTZbrgg67lq65analtS7REPl1wHINMj71DPAsXek3cmBJ05BVZyF4zffBa:ujqQ2MZnuLPM6Mtcxko7VlzE
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy