smokeloader | 26bd0e38184248619ed1172b93c0bc698045e498ce5f33fbf5e46a1441586f8b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

26bd0e38184248619ed1172b93c0bc698045e498ce5f33fbf5e46a1441586f8b
Size

185KB
Sample

221123-qp2wvahe51
MD5

406cc15decb947f74175003e07b63a9d
SHA1

fc35bd5543ebcf62a287b4a7b048136b2fa8f1fb
SHA256

26bd0e38184248619ed1172b93c0bc698045e498ce5f33fbf5e46a1441586f8b
SHA512

2d80b99ee68b0ac86372888e2be77aa9eb9638e9ba03f294cd98b0fca5dba16ba88c80ec11ba9ca5a0bb6dc313048cdfec8a62429aabacfdee2e5ebc2a580e1e
SSDEEP

3072:HG0o1aQYNi0LxhyWtss53gksRv5ZEuSnhWyxv6pl8IIyxPghsM:m0RLxhy+lgRP4hWsv6pl8IIyW

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

26bd0e38184248619ed1172b93c0bc698045e498ce5f33fbf5e46a1441586f8b.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  26bd0e38184248619ed1172b93c0bc698045e498ce5f33fbf5e46a1441586f8b
- Size
  
  185KB
- MD5
  
  406cc15decb947f74175003e07b63a9d
- SHA1
  
  fc35bd5543ebcf62a287b4a7b048136b2fa8f1fb
- SHA256
  
  26bd0e38184248619ed1172b93c0bc698045e498ce5f33fbf5e46a1441586f8b
- SHA512
  
  2d80b99ee68b0ac86372888e2be77aa9eb9638e9ba03f294cd98b0fca5dba16ba88c80ec11ba9ca5a0bb6dc313048cdfec8a62429aabacfdee2e5ebc2a580e1e
- SSDEEP
  
  3072:HG0o1aQYNi0LxhyWtss53gksRv5ZEuSnhWyxv6pl8IIyxPghsM:m0RLxhy+lgRP4hWsv6pl8IIyW
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy