smokeloader | 452171765720376c2e6f1bbacfb836ac1cf286519cd2f2f1a104c5e89b124bf4 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

452171765720376c2e6f1bbacfb836ac1cf286519cd2f2f1a104c5e89b124bf4
Size

186KB
Sample

221123-jkrfzsff62
MD5

c7f139302670e72d00fbb103282251fa
SHA1

cb02ec056dd63198379ea8cc472b576127840d76
SHA256

452171765720376c2e6f1bbacfb836ac1cf286519cd2f2f1a104c5e89b124bf4
SHA512

944c4cffa7dc63618acf0f8a8bb28830eab6e367c8658f59a063a8fbb6374d96c8b750bf23091ee456f26f5e0d742f8b2a154ee9a0c8186558690caee5a88a98
SSDEEP

3072:2BIEJUx4VTLvueWwFD5or7nBlDXKkIOOYuzLOomTQMFbSTXZ:FEeeLvuebEr7nBlMOykTQqb+XZ

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

452171765720376c2e6f1bbacfb836ac1cf286519cd2f2f1a104c5e89b124bf4.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  452171765720376c2e6f1bbacfb836ac1cf286519cd2f2f1a104c5e89b124bf4
- Size
  
  186KB
- MD5
  
  c7f139302670e72d00fbb103282251fa
- SHA1
  
  cb02ec056dd63198379ea8cc472b576127840d76
- SHA256
  
  452171765720376c2e6f1bbacfb836ac1cf286519cd2f2f1a104c5e89b124bf4
- SHA512
  
  944c4cffa7dc63618acf0f8a8bb28830eab6e367c8658f59a063a8fbb6374d96c8b750bf23091ee456f26f5e0d742f8b2a154ee9a0c8186558690caee5a88a98
- SSDEEP
  
  3072:2BIEJUx4VTLvueWwFD5or7nBlDXKkIOOYuzLOomTQMFbSTXZ:FEeeLvuebEr7nBlMOykTQqb+XZ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy