smokeloader | 3dde373e542d04bd45432b3478fa1da5649e601489dc3873317591e8eae4edc8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

3dde373e542d04bd45432b3478fa1da5649e601489dc3873317591e8eae4edc8
Size

186KB
Sample

221123-hwx78see58
MD5

f58b0e3cef672f3720027e783d31b987
SHA1

09242531a43ca4070c71a6bd6e64b1d72ba34ecb
SHA256

3dde373e542d04bd45432b3478fa1da5649e601489dc3873317591e8eae4edc8
SHA512

dc19f9cc126db0e86efa3447c069b8b5ccde09f17c712ac528f0cb58da1b495edcb39789b2b15322d396cd5a9d99c867eba98aa7c828a48bba7d8f6e3c42a2bb
SSDEEP

3072:6BkAt/2QzaLG1yZWklD5Fx8UHMHUhuX54JosqcvgZR3o0dXPqY:NANSLG1yZn5eUsgZ3KRY0dXPq

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

3dde373e542d04bd45432b3478fa1da5649e601489dc3873317591e8eae4edc8.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  3dde373e542d04bd45432b3478fa1da5649e601489dc3873317591e8eae4edc8
- Size
  
  186KB
- MD5
  
  f58b0e3cef672f3720027e783d31b987
- SHA1
  
  09242531a43ca4070c71a6bd6e64b1d72ba34ecb
- SHA256
  
  3dde373e542d04bd45432b3478fa1da5649e601489dc3873317591e8eae4edc8
- SHA512
  
  dc19f9cc126db0e86efa3447c069b8b5ccde09f17c712ac528f0cb58da1b495edcb39789b2b15322d396cd5a9d99c867eba98aa7c828a48bba7d8f6e3c42a2bb
- SSDEEP
  
  3072:6BkAt/2QzaLG1yZWklD5Fx8UHMHUhuX54JosqcvgZR3o0dXPqY:NANSLG1yZn5eUsgZ3KRY0dXPq
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy