smokeloader | 52471e1cc1cae54cc90cc19d7f06bd2a1f9c7a8a6a8fa22781f515333bbaf00e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

52471e1cc1cae54cc90cc19d7f06bd2a1f9c7a8a6a8fa22781f515333bbaf00e
Size

185KB
Sample

221123-q3h1wsae8x
MD5

078caf808f799488a2e0fa74d5a932ed
SHA1

ece0d182d599f834c4b57a07fd07929e6bacfddf
SHA256

52471e1cc1cae54cc90cc19d7f06bd2a1f9c7a8a6a8fa22781f515333bbaf00e
SHA512

6d1c0c7c5fc4b1f025e60ade6fa69285dd13f6e74119c39e9a887eaa390c11638e46d08a9d81eff8d1859a9c43a45818dbc7b878904a611cc8c1b2c90bcb55e8
SSDEEP

3072:/iNJhQ8Hp2r1L944lWn0s5HDxWJ7fNWmpsC/29ltcF4VvOJ:6N58L944lEl1WJPFWnJVv

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

52471e1cc1cae54cc90cc19d7f06bd2a1f9c7a8a6a8fa22781f515333bbaf00e.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  52471e1cc1cae54cc90cc19d7f06bd2a1f9c7a8a6a8fa22781f515333bbaf00e
- Size
  
  185KB
- MD5
  
  078caf808f799488a2e0fa74d5a932ed
- SHA1
  
  ece0d182d599f834c4b57a07fd07929e6bacfddf
- SHA256
  
  52471e1cc1cae54cc90cc19d7f06bd2a1f9c7a8a6a8fa22781f515333bbaf00e
- SHA512
  
  6d1c0c7c5fc4b1f025e60ade6fa69285dd13f6e74119c39e9a887eaa390c11638e46d08a9d81eff8d1859a9c43a45818dbc7b878904a611cc8c1b2c90bcb55e8
- SSDEEP
  
  3072:/iNJhQ8Hp2r1L944lWn0s5HDxWJ7fNWmpsC/29ltcF4VvOJ:6N58L944lEl1WJPFWnJVv
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy