smokeloader | 98dc72d5cfe8d053921395ca484b3127dcc4b6707b7deaef57fc3d33022616f6 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

98dc72d5cfe8d053921395ca484b3127dcc4b6707b7deaef57fc3d33022616f6
Size

286KB
Sample

221106-gwdyxsfeb5
MD5

8b76fb0c60d39654aecd156c957f9c23
SHA1

bd9daaab7d3ff58415db6cf023fb03e9df4e02a6
SHA256

98dc72d5cfe8d053921395ca484b3127dcc4b6707b7deaef57fc3d33022616f6
SHA512

0591dd4447629f0313656c736af51b0befe0b98f197ffa6cbaa5acaee7aaa8589d65b71ccfbe8478aa6da5814ce0969ccd46f4419c3b42b74cffb3e53ea9a15e
SSDEEP

3072:I6m9Hz2Rpfj78gcBxh45EIelIMEwang2RRq1usZeAycU+GqC0E:In9epfj3eLJIelpang/XeNu

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

98dc72d5cfe8d053921395ca484b3127dcc4b6707b7deaef57fc3d33022616f6.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  98dc72d5cfe8d053921395ca484b3127dcc4b6707b7deaef57fc3d33022616f6
- Size
  
  286KB
- MD5
  
  8b76fb0c60d39654aecd156c957f9c23
- SHA1
  
  bd9daaab7d3ff58415db6cf023fb03e9df4e02a6
- SHA256
  
  98dc72d5cfe8d053921395ca484b3127dcc4b6707b7deaef57fc3d33022616f6
- SHA512
  
  0591dd4447629f0313656c736af51b0befe0b98f197ffa6cbaa5acaee7aaa8589d65b71ccfbe8478aa6da5814ce0969ccd46f4419c3b42b74cffb3e53ea9a15e
- SSDEEP
  
  3072:I6m9Hz2Rpfj78gcBxh45EIelIMEwang2RRq1usZeAycU+GqC0E:In9epfj3eLJIelpang/XeNu
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy