smokeloader | 3e0e0c829e98fe3cd056d18180642970ba09eaf5ebff49642553cd8e5143b9b8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

3e0e0c829e98fe3cd056d18180642970ba09eaf5ebff49642553cd8e5143b9b8
Size

186KB
Sample

221123-t6ygjabb21
MD5

b555df17b71f1d7b4f19fba3cbce3c99
SHA1

dd688d1e12c50ff7565c80d9324c32b6643bd98c
SHA256

3e0e0c829e98fe3cd056d18180642970ba09eaf5ebff49642553cd8e5143b9b8
SHA512

e3f7e6c71b3d9884a840c2613ed984ea9350826d76c88dc47161e30e26b2566047b1393dab32b01e7e0516c54b68748637bcfbf5636f3be1679d59a925a02259
SSDEEP

3072:PuukTcUYL8SBXdWRpo56ch0+flOgcHE07UPDqIEhgiVrS:2u7L/BXdqZch0+fc/QGI4hr

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

3e0e0c829e98fe3cd056d18180642970ba09eaf5ebff49642553cd8e5143b9b8.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  3e0e0c829e98fe3cd056d18180642970ba09eaf5ebff49642553cd8e5143b9b8
- Size
  
  186KB
- MD5
  
  b555df17b71f1d7b4f19fba3cbce3c99
- SHA1
  
  dd688d1e12c50ff7565c80d9324c32b6643bd98c
- SHA256
  
  3e0e0c829e98fe3cd056d18180642970ba09eaf5ebff49642553cd8e5143b9b8
- SHA512
  
  e3f7e6c71b3d9884a840c2613ed984ea9350826d76c88dc47161e30e26b2566047b1393dab32b01e7e0516c54b68748637bcfbf5636f3be1679d59a925a02259
- SSDEEP
  
  3072:PuukTcUYL8SBXdWRpo56ch0+flOgcHE07UPDqIEhgiVrS:2u7L/BXdqZch0+fc/QGI4hr
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy