smokeloader | 662347a8318b2871adf3b92c705ae41d670ad505e382f45637365c16ba16e1b3 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

662347a8318b2871adf3b92c705ae41d670ad505e382f45637365c16ba16e1b3
Size

187KB
Sample

221123-fzx1jaff7x
MD5

1f730d20295d6c7704d11ae900643737
SHA1

8d2b9f9616ccf5fa077b4f3d61399770b2f8fa28
SHA256

662347a8318b2871adf3b92c705ae41d670ad505e382f45637365c16ba16e1b3
SHA512

0e2d70ffc72e55d13f68fff3b5ea02a9f21efd9708128210693cb50abd03fd005491a8f79ec1a227768b3fd8e266eca0d476e58b597729ed2891ac2b55e195f2
SSDEEP

3072:WEKd7pB+nZ1ZLpXsW5Hj5fh7ALYRUNV+1RKk3lafMrrRCTOByt8:kdGLpXsaa0eoKk3lafcRuqyO

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

662347a8318b2871adf3b92c705ae41d670ad505e382f45637365c16ba16e1b3.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  662347a8318b2871adf3b92c705ae41d670ad505e382f45637365c16ba16e1b3
- Size
  
  187KB
- MD5
  
  1f730d20295d6c7704d11ae900643737
- SHA1
  
  8d2b9f9616ccf5fa077b4f3d61399770b2f8fa28
- SHA256
  
  662347a8318b2871adf3b92c705ae41d670ad505e382f45637365c16ba16e1b3
- SHA512
  
  0e2d70ffc72e55d13f68fff3b5ea02a9f21efd9708128210693cb50abd03fd005491a8f79ec1a227768b3fd8e266eca0d476e58b597729ed2891ac2b55e195f2
- SSDEEP
  
  3072:WEKd7pB+nZ1ZLpXsW5Hj5fh7ALYRUNV+1RKk3lafMrrRCTOByt8:kdGLpXsaa0eoKk3lafcRuqyO
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy