smokeloader | 28c51f0f8f8af01ff6a4770ddb0244873df333c2d80b8ff04e2498c1b14e3c55 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

28c51f0f8f8af01ff6a4770ddb0244873df333c2d80b8ff04e2498c1b14e3c55
Size

186KB
Sample

221123-h441raeh65
MD5

1785ee909fad4fc8238d66805029f42d
SHA1

6f06df6cdeccbe6bb25938d7254f11e5449aef00
SHA256

28c51f0f8f8af01ff6a4770ddb0244873df333c2d80b8ff04e2498c1b14e3c55
SHA512

bff2a207ab26ceb096f79935969cfc6aec830cfca9bd2a6f85430efedce7e1fb63f10baeeb18eb8f1a4b830370b4c37e3ac497593df98ff65d95ef1f88521e92
SSDEEP

3072:WBkADqu9RpLGO/0WWwjD5d4/DlQbM1PJCGSAc3PZ8zOh847:5A2QLX/0WXFb2PJ/1cPZLhZ

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

28c51f0f8f8af01ff6a4770ddb0244873df333c2d80b8ff04e2498c1b14e3c55.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  28c51f0f8f8af01ff6a4770ddb0244873df333c2d80b8ff04e2498c1b14e3c55
- Size
  
  186KB
- MD5
  
  1785ee909fad4fc8238d66805029f42d
- SHA1
  
  6f06df6cdeccbe6bb25938d7254f11e5449aef00
- SHA256
  
  28c51f0f8f8af01ff6a4770ddb0244873df333c2d80b8ff04e2498c1b14e3c55
- SHA512
  
  bff2a207ab26ceb096f79935969cfc6aec830cfca9bd2a6f85430efedce7e1fb63f10baeeb18eb8f1a4b830370b4c37e3ac497593df98ff65d95ef1f88521e92
- SSDEEP
  
  3072:WBkADqu9RpLGO/0WWwjD5d4/DlQbM1PJCGSAc3PZ8zOh847:5A2QLX/0WXFb2PJ/1cPZLhZ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy