smokeloader | 45cc45123696f60f91451ab16412b4308b6e7fd4f1c42ff6bb7aa4f9b9b9cf53 | Triage

Submit
Reports

Overview

overview

Static

static

cdf3b9f627...46.exe

windows7-x64

cdf3b9f627...46.exe

windows10-2004-x64

Sharing

General

Target

cdf3b9f627fa4294de09feee2488ad5dd7599784aad53a268cd996c4794e3346
Size

126KB
Sample

221123-zm6axsdc74
MD5

9464d96657d2b5479b0d00c4ce006747
SHA1

a86874c83161a081d74f0bd3572e62a59bc4dd0e
SHA256

45cc45123696f60f91451ab16412b4308b6e7fd4f1c42ff6bb7aa4f9b9b9cf53
SHA512

13e25dc7553d8a73a3869229a72d1bde7e795e84345b7834e521fda6fd80c1d2d0cd5beb3238155e4b5d2d62c41329e87b98d0211cb9293b0e19f269a5255905
SSDEEP

3072:i0vLMdwqewDbYr4Xm+yoR/+0tlHgHWFZlgd:BvLMaqvU4Xm+TR1tlHsaC

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

cdf3b9f627fa4294de09feee2488ad5dd7599784aad53a268cd996c4794e3346.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

cdf3b9f627fa4294de09feee2488ad5dd7599784aad53a268cd996c4794e3346.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  cdf3b9f627fa4294de09feee2488ad5dd7599784aad53a268cd996c4794e3346
- Size
  
  186KB
- MD5
  
  fe1111c2894ce0e3919f44e07c08094f
- SHA1
  
  225fe3a587b192aa877f46db5bf6ad87c39cfb17
- SHA256
  
  cdf3b9f627fa4294de09feee2488ad5dd7599784aad53a268cd996c4794e3346
- SHA512
  
  349c550267f7ad6d7106733d2f4d77bfdda2ed0890c7383ce5d7263f8bfc9661511b893217f3bcd23ccebafbd2aa6cc185551bb4ef008019c8a22e0bab942ccb
- SSDEEP
  
  3072:/uukaHJoL544EWRPo5pxjpa7wZ2VX3J6yoR/+0tlHg5hrb6ITH:GusL54NKc94A2l3J6TR1tlHWhrV7
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

© 2018-2024

Terms | Privacy