smokeloader | f4fae06b0c73cef55ecba926edff5350e95fc54cbd81f0d81edde68a69c71c1b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

f4fae06b0c73cef55ecba926edff5350e95fc54cbd81f0d81edde68a69c71c1b
Size

163KB
Sample

221117-jywmvsdh87
MD5

7350dd116e35bf99e1d583f377f7e902
SHA1

b4465d8f92d89d72db03017e7967bdbe1da99e60
SHA256

f4fae06b0c73cef55ecba926edff5350e95fc54cbd81f0d81edde68a69c71c1b
SHA512

2c9bf321db5a83590cf5226d400d012a1a80271ed53b021aa8a80ff0096e62010ad47a117b1f28e3993e533b18b63da9983ab87cdfd7c4854184fde023039dfc
SSDEEP

3072:PjG40LroiYvot5pMtoi1Xtk3HDFzSrTWVYeuAnWFu+D:PkLE/vMMtosdkzFeyVD7nR

Score

10^/10

smokeloader systembc backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

f4fae06b0c73cef55ecba926edff5350e95fc54cbd81f0d81edde68a69c71c1b.exe

Resource

win10-20220901-en

smokeloader systembc backdoor trojan

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

systembc

C2

89.248.165.79:443

Targets

- Target
  
  f4fae06b0c73cef55ecba926edff5350e95fc54cbd81f0d81edde68a69c71c1b
- Size
  
  163KB
- MD5
  
  7350dd116e35bf99e1d583f377f7e902
- SHA1
  
  b4465d8f92d89d72db03017e7967bdbe1da99e60
- SHA256
  
  f4fae06b0c73cef55ecba926edff5350e95fc54cbd81f0d81edde68a69c71c1b
- SHA512
  
  2c9bf321db5a83590cf5226d400d012a1a80271ed53b021aa8a80ff0096e62010ad47a117b1f28e3993e533b18b63da9983ab87cdfd7c4854184fde023039dfc
- SSDEEP
  
  3072:PjG40LroiYvot5pMtoi1Xtk3HDFzSrTWVYeuAnWFu+D:PkLE/vMMtosdkzFeyVD7nR
Score

10^/10

smokeloader systembc backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersystembcbackdoortrojan

© 2018-2024

Terms | Privacy