smokeloader | 320d4bb8f1edc85a2e430ba5d676518891c2e3bae61829fb207fa8fba75f5d1a | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

320d4bb8f1edc85a2e430ba5d676518891c2e3bae61829fb207fa8fba75f5d1a
Size

316KB
Sample

221122-ged8csfb4s
MD5

579f3c3f5b93f8395da5c0e93864d361
SHA1

ce94bd0461ab81ad6f083a26d35493f95cf515f5
SHA256

320d4bb8f1edc85a2e430ba5d676518891c2e3bae61829fb207fa8fba75f5d1a
SHA512

ba1a1cb3b7c6453a0d8b1c8e8df6216f76e3f27ba4c4030be7c012edee41a518dc1fb50ccd51cc4232531b837da0a9a3acb4004fa6acd8cd2eeb456b46b77007
SSDEEP

6144:YtBuDsylKnQX9TJ50MRv8sMDmshnkf8+CwbG:FIx89V5JRt6zc8wG

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

320d4bb8f1edc85a2e430ba5d676518891c2e3bae61829fb207fa8fba75f5d1a.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  320d4bb8f1edc85a2e430ba5d676518891c2e3bae61829fb207fa8fba75f5d1a
- Size
  
  316KB
- MD5
  
  579f3c3f5b93f8395da5c0e93864d361
- SHA1
  
  ce94bd0461ab81ad6f083a26d35493f95cf515f5
- SHA256
  
  320d4bb8f1edc85a2e430ba5d676518891c2e3bae61829fb207fa8fba75f5d1a
- SHA512
  
  ba1a1cb3b7c6453a0d8b1c8e8df6216f76e3f27ba4c4030be7c012edee41a518dc1fb50ccd51cc4232531b837da0a9a3acb4004fa6acd8cd2eeb456b46b77007
- SSDEEP
  
  6144:YtBuDsylKnQX9TJ50MRv8sMDmshnkf8+CwbG:FIx89V5JRt6zc8wG
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy