smokeloader | a5248e2b5f707e6b7d7b33ebd73fe051715fcf1d05937ca9e38088d473618348 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

a5248e2b5f707e6b7d7b33ebd73fe051715fcf1d05937ca9e38088d473618348
Size

186KB
Sample

221123-mdv3daha8z
MD5

36f21540789e75f5e99c572595b3f731
SHA1

442afdc144ea4194df7dd4086d84ddd72e4d392b
SHA256

a5248e2b5f707e6b7d7b33ebd73fe051715fcf1d05937ca9e38088d473618348
SHA512

b5dee3d12b75d0e62a1630e47d5fcf56fa6cfd530729d04e96998658c3ed865dea440ca77f5f0c4edf587503cc6b5ff8f60f0008526b15f25a154b4eaae67736
SSDEEP

3072:HBk75Cq2KFLh0o4WM365TPGWc040NlUIwGb1HLKTsgrf:+7EULh0xv2bc04kmIFb1H+TVz

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

a5248e2b5f707e6b7d7b33ebd73fe051715fcf1d05937ca9e38088d473618348.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  a5248e2b5f707e6b7d7b33ebd73fe051715fcf1d05937ca9e38088d473618348
- Size
  
  186KB
- MD5
  
  36f21540789e75f5e99c572595b3f731
- SHA1
  
  442afdc144ea4194df7dd4086d84ddd72e4d392b
- SHA256
  
  a5248e2b5f707e6b7d7b33ebd73fe051715fcf1d05937ca9e38088d473618348
- SHA512
  
  b5dee3d12b75d0e62a1630e47d5fcf56fa6cfd530729d04e96998658c3ed865dea440ca77f5f0c4edf587503cc6b5ff8f60f0008526b15f25a154b4eaae67736
- SSDEEP
  
  3072:HBk75Cq2KFLh0o4WM365TPGWc040NlUIwGb1HLKTsgrf:+7EULh0xv2bc04kmIFb1H+TVz
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy