smokeloader | 55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c
Size

186KB
Sample

221123-jz6t8abf6w
MD5

8a3fcb6df3e213a1f07cd636dd5bff67
SHA1

bd795ccf151bb239de0ec874efa6d1e403807fb5
SHA256

55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c
SHA512

11daf71beb9d0f5987fb0e8b3080d906068f8b16d03c065d5c04bf704da45d6bb061523087bcfe4b926aa9ad7cd506fe085dcfe26f102c709d13deefc6b7805e
SSDEEP

3072:QBIEivjE31LqnAWYID5Fn2itWdjAnv8dF1sWW55sKKGV:jE2MLqnA7ODWtAEX9a5h

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c
- Size
  
  186KB
- MD5
  
  8a3fcb6df3e213a1f07cd636dd5bff67
- SHA1
  
  bd795ccf151bb239de0ec874efa6d1e403807fb5
- SHA256
  
  55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c
- SHA512
  
  11daf71beb9d0f5987fb0e8b3080d906068f8b16d03c065d5c04bf704da45d6bb061523087bcfe4b926aa9ad7cd506fe085dcfe26f102c709d13deefc6b7805e
- SSDEEP
  
  3072:QBIEivjE31LqnAWYID5Fn2itWdjAnv8dF1sWW55sKKGV:jE2MLqnA7ODWtAEX9a5h
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy