smokeloader | c93836ac093280312a9bfdbb500c2f9ba74f293cd407d0e546a32b8d85ce06de | Triage

Submit
Reports

Overview

overview

Static

static

a23071ca8b...ad.exe

windows7-x64

a23071ca8b...ad.exe

windows10-2004-x64

Sharing

General

Target

a23071ca8b7cb1a2a85fd54efe3a5cf2f80470c9846efce69dd72d659f2670ad
Size

114KB
Sample

221127-eylenshe79
MD5

c698a057ea9152a8056e4ae937ce35b6
SHA1

6d9419f7ee0da620ab5753e9dd8789858d6d1742
SHA256

c93836ac093280312a9bfdbb500c2f9ba74f293cd407d0e546a32b8d85ce06de
SHA512

3f0cd4f3b09a2a62c69d14d30b6a29edb559761083839d3a59b006a7691601716b353b4704980916278867f295b19f8c4714f14f943a4fbad7cf6f0b212c27ac
SSDEEP

3072:iLNofAhFcWiJqy6t2VLcDq3gDn7HhSrRFCwgC2UWs:iLuAzk6t24qu7hSr7CwglUWs

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

a23071ca8b7cb1a2a85fd54efe3a5cf2f80470c9846efce69dd72d659f2670ad.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a23071ca8b7cb1a2a85fd54efe3a5cf2f80470c9846efce69dd72d659f2670ad.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  a23071ca8b7cb1a2a85fd54efe3a5cf2f80470c9846efce69dd72d659f2670ad
- Size
  
  167KB
- MD5
  
  da4afd549426c3e6295e9a72e3872cda
- SHA1
  
  5e523e4069b17263af7e96afa24efd2227ec2158
- SHA256
  
  a23071ca8b7cb1a2a85fd54efe3a5cf2f80470c9846efce69dd72d659f2670ad
- SHA512
  
  9c34bfe0ae72461e88c086aaac8746e5a6e730223fcd2788e889432ebd25eba1acd4dcdd9917b9d180989a604b90e1ac5272187252140ad7631a97331b1a5d2a
- SSDEEP
  
  3072:Wrd9Ya2ZukYxzS5baNcb/ZfnKIoq4+2pGSbAP:wPELYxwvBCIL4PGJP
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy