smokeloader | ac632790e3d97b844bbd1258626596d69fbf840206bbbe3fd780aba1862a4b05 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

ac632790e3d97b844bbd1258626596d69fbf840206bbbe3fd780aba1862a4b05
Size

187KB
Sample

221123-l45h3ada99
MD5

da7cf91a9b196b15655775b92ef8d5a5
SHA1

6db66196fe8d2b0a6f100fb830bdb9345bf4dad3
SHA256

ac632790e3d97b844bbd1258626596d69fbf840206bbbe3fd780aba1862a4b05
SHA512

6e012cf80f8eb9ef275b47bd3c27a200a885acdefb73d66a42e4a9a251ff6d48151db663d9f66e098a1c73f90b2b496ea6de239e872db88e3ce99064277f26b5
SSDEEP

3072:HcBJniL29rHLPA4WOSlD65U9yYvBsdMmvzRQK6jIx/m1DK4:Kn3zLPA4JSn9yYvLOzRQ6x/U

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

ac632790e3d97b844bbd1258626596d69fbf840206bbbe3fd780aba1862a4b05.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ac632790e3d97b844bbd1258626596d69fbf840206bbbe3fd780aba1862a4b05
- Size
  
  187KB
- MD5
  
  da7cf91a9b196b15655775b92ef8d5a5
- SHA1
  
  6db66196fe8d2b0a6f100fb830bdb9345bf4dad3
- SHA256
  
  ac632790e3d97b844bbd1258626596d69fbf840206bbbe3fd780aba1862a4b05
- SHA512
  
  6e012cf80f8eb9ef275b47bd3c27a200a885acdefb73d66a42e4a9a251ff6d48151db663d9f66e098a1c73f90b2b496ea6de239e872db88e3ce99064277f26b5
- SSDEEP
  
  3072:HcBJniL29rHLPA4WOSlD65U9yYvBsdMmvzRQK6jIx/m1DK4:Kn3zLPA4JSn9yYvLOzRQ6x/U
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy