smokeloader | 816adcfce5e1ba4dc387cf4fcead55104b95eaacad06663620700746a3813c1a | Triage

Submit
Reports

Overview

overview

Static

static

a97075cc9a...77.exe

windows7-x64

a97075cc9a...77.exe

windows10-2004-x64

Sharing

General

Target

a97075cc9ae57deea8f1c5dfec8c79e20145f57c36f1062afabcfdb4597e9977
Size

126KB
Sample

221123-xjj76sfb73
MD5

fc0506303c4b1d654f5271ce4e3fef2d
SHA1

561d9b58df4ca6a347f92b51dca516519cc7038a
SHA256

816adcfce5e1ba4dc387cf4fcead55104b95eaacad06663620700746a3813c1a
SHA512

16caf25696ea9a352665b4494aa1420aef07ad7266232d14e3d67e0e7af9e37e21fbc2cc3ba1a545b808e79774fdd8623500b5b1b177fc093e7eb4aa873f1f88
SSDEEP

3072:RlzX/2rC6LHPp0k7jb/XnZWOt2UCEX6YyAnvS:/zX/2rvzP7jbhn5tKeS

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

a97075cc9ae57deea8f1c5dfec8c79e20145f57c36f1062afabcfdb4597e9977.exe

Resource

win7-20221111-en

smokeloader backdoor trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

a97075cc9ae57deea8f1c5dfec8c79e20145f57c36f1062afabcfdb4597e9977.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  a97075cc9ae57deea8f1c5dfec8c79e20145f57c36f1062afabcfdb4597e9977
- Size
  
  186KB
- MD5
  
  ee401fe650ddbacb69802378984e008b
- SHA1
  
  dec8dd29852a3f48a016755ae6ad527dab0e0bf9
- SHA256
  
  a97075cc9ae57deea8f1c5dfec8c79e20145f57c36f1062afabcfdb4597e9977
- SHA512
  
  b77f5615500aa57c818f8f4cfddf72999305b271f327f41b920b0d2bc63188616243c06abe780745af924198416571a03b765c38f03a11080e24333a03b0725f
- SSDEEP
  
  3072:nDARqX204eL21rWnqTo5xP2UCEX6Rietn:DAGL21r4VP5tKRie
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy