smokeloader | 710483c6ddf650b790679bc69a981eb92d5ebaf92e96f9f069393caae83268f6 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

710483c6ddf650b790679bc69a981eb92d5ebaf92e96f9f069393caae83268f6
Size

186KB
Sample

221124-mrgrxagh92
MD5

3bbea739a8dd91483a60dec30e30d90a
SHA1

6faf77ea4d51ceaef5b543b312ec70c6d00d9f0d
SHA256

710483c6ddf650b790679bc69a981eb92d5ebaf92e96f9f069393caae83268f6
SHA512

1b49f8d35b1436a83d7169257acce9f5dda2885737df48ddb49c2dc2dd6967417bae85026b5e1e2dc68c2a98f15d4fd4178cdada7d6e4a3fe47d148409573dd5
SSDEEP

3072:/NP/zTD/T5Ysw91KLKZbbZ1h5O3pBspzEKV1xebi1eV7MO:9/rLuscKLKxVypUEKV1xebeeVAO

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

710483c6ddf650b790679bc69a981eb92d5ebaf92e96f9f069393caae83268f6.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  710483c6ddf650b790679bc69a981eb92d5ebaf92e96f9f069393caae83268f6
- Size
  
  186KB
- MD5
  
  3bbea739a8dd91483a60dec30e30d90a
- SHA1
  
  6faf77ea4d51ceaef5b543b312ec70c6d00d9f0d
- SHA256
  
  710483c6ddf650b790679bc69a981eb92d5ebaf92e96f9f069393caae83268f6
- SHA512
  
  1b49f8d35b1436a83d7169257acce9f5dda2885737df48ddb49c2dc2dd6967417bae85026b5e1e2dc68c2a98f15d4fd4178cdada7d6e4a3fe47d148409573dd5
- SSDEEP
  
  3072:/NP/zTD/T5Ysw91KLKZbbZ1h5O3pBspzEKV1xebi1eV7MO:9/rLuscKLKxVypUEKV1xebeeVAO
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy