smokeloader | 116b612864fc76ce6cdb26d99eacc0597c09e09ebe102acc4bb2d0fdb087d3a6 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

116b612864fc76ce6cdb26d99eacc0597c09e09ebe102acc4bb2d0fdb087d3a6
Size

186KB
Sample

221123-sr5fvsfb8v
MD5

036d40eefb90349f85693022de4ebc86
SHA1

374412425c991d9f43735139b1f26877ce0ca455
SHA256

116b612864fc76ce6cdb26d99eacc0597c09e09ebe102acc4bb2d0fdb087d3a6
SHA512

1b57b8f8485994dbfe66ad7cd6ee7bcede9221f9cee75205d284aec8a236866f7704e170d6eddc870b4adece744531fcec227a4844dc07d75c5e5d96662429fc
SSDEEP

3072:PuuR1LmfXLEjoWnck5Fwe0zQygV6kFDn+4XVxshRudBZ:2uCvLEjocVcQB6qiGguvZ

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

116b612864fc76ce6cdb26d99eacc0597c09e09ebe102acc4bb2d0fdb087d3a6.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  116b612864fc76ce6cdb26d99eacc0597c09e09ebe102acc4bb2d0fdb087d3a6
- Size
  
  186KB
- MD5
  
  036d40eefb90349f85693022de4ebc86
- SHA1
  
  374412425c991d9f43735139b1f26877ce0ca455
- SHA256
  
  116b612864fc76ce6cdb26d99eacc0597c09e09ebe102acc4bb2d0fdb087d3a6
- SHA512
  
  1b57b8f8485994dbfe66ad7cd6ee7bcede9221f9cee75205d284aec8a236866f7704e170d6eddc870b4adece744531fcec227a4844dc07d75c5e5d96662429fc
- SSDEEP
  
  3072:PuuR1LmfXLEjoWnck5Fwe0zQygV6kFDn+4XVxshRudBZ:2uCvLEjocVcQB6qiGguvZ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy