smokeloader | ce6a2a3bc6a3c7bd82ad258bd7e7b872317e87c172d55abd282e51106a7fd604 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

ce6a2a3bc6a3c7bd82ad258bd7e7b872317e87c172d55abd282e51106a7fd604
Size

186KB
Sample

221123-m6zk9sga28
MD5

27a5dfa241fdf0ad54a605cc84de5654
SHA1

99632b06ba5ab91dfdac6e5370b320c35a6fc8d3
SHA256

ce6a2a3bc6a3c7bd82ad258bd7e7b872317e87c172d55abd282e51106a7fd604
SHA512

e7f3756e3930605199be732b1beb0dcb56c01a4c1603c73cf59af3d3e436e2a1f7972dd470334667f4788766562d86b741c96a00a7d4db92314f691142b8f7d1
SSDEEP

3072:uqlgM/TILF8MNcWHLO5ltVx8GIUmgKScOM196C3BAC6:RlkLFdNcUgx8GwgKScOi9zBX6

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

ce6a2a3bc6a3c7bd82ad258bd7e7b872317e87c172d55abd282e51106a7fd604.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ce6a2a3bc6a3c7bd82ad258bd7e7b872317e87c172d55abd282e51106a7fd604
- Size
  
  186KB
- MD5
  
  27a5dfa241fdf0ad54a605cc84de5654
- SHA1
  
  99632b06ba5ab91dfdac6e5370b320c35a6fc8d3
- SHA256
  
  ce6a2a3bc6a3c7bd82ad258bd7e7b872317e87c172d55abd282e51106a7fd604
- SHA512
  
  e7f3756e3930605199be732b1beb0dcb56c01a4c1603c73cf59af3d3e436e2a1f7972dd470334667f4788766562d86b741c96a00a7d4db92314f691142b8f7d1
- SSDEEP
  
  3072:uqlgM/TILF8MNcWHLO5ltVx8GIUmgKScOM196C3BAC6:RlkLFdNcUgx8GwgKScOi9zBX6
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy