smokeloader | 6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e
Size

186KB
Sample

221123-mjbkxseb77
MD5

86258109b64426739cbb78a699adfc9f
SHA1

23434fc20f891b98a437cb90a8e696d463696345
SHA256

6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e
SHA512

1c8b6b7b58ef8411f6e46d09cf71aabed0d61efa1308fcbe28ed59d1ae47783b9bf805c79af08d756f4cd7f8af1c6abed1bb1a6b7b710ebf1d3af82088164cd1
SSDEEP

3072:Zql9+/GkLhsSmYW6KO5kf3b8qsEOhuo4N/YAnoxHH:YlQLhsSmYZWnsEOko4N/YAnW

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e
- Size
  
  186KB
- MD5
  
  86258109b64426739cbb78a699adfc9f
- SHA1
  
  23434fc20f891b98a437cb90a8e696d463696345
- SHA256
  
  6ee08664cce1d30040a516a1af2f340defaa14b58235064af6111dbd420fb90e
- SHA512
  
  1c8b6b7b58ef8411f6e46d09cf71aabed0d61efa1308fcbe28ed59d1ae47783b9bf805c79af08d756f4cd7f8af1c6abed1bb1a6b7b710ebf1d3af82088164cd1
- SSDEEP
  
  3072:Zql9+/GkLhsSmYW6KO5kf3b8qsEOhuo4N/YAnoxHH:YlQLhsSmYZWnsEOko4N/YAnW
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy