smokeloader | edb633f7307ea2eb4e2d80fb17a18d5788238cba0be1f8a32a4d8fa06fc22bbb | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

edb633f7307ea2eb4e2d80fb17a18d5788238cba0be1f8a32a4d8fa06fc22bbb
Size

274KB
Sample

221128-t3n4padb3v
MD5

ec30af9ac2c8683c79ad47c6dcfd562a
SHA1

bc4f82358a1bf48e95ddd52a160a7cd445671d6b
SHA256

edb633f7307ea2eb4e2d80fb17a18d5788238cba0be1f8a32a4d8fa06fc22bbb
SHA512

5042df48fb9130498275be00cdf8a85822eb5650d5eac7e0f17a0536ed6e5690b06f2856946b9dadbb9509406b55cd1101132d2368a058c73fcda20ca135abf5
SSDEEP

6144:a5XFPRHF2WfP1xefIkB0oSXwKaVFvg4/FQF:8ZHFjxo0rXwKaDgSm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

edb633f7307ea2eb4e2d80fb17a18d5788238cba0be1f8a32a4d8fa06fc22bbb.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  edb633f7307ea2eb4e2d80fb17a18d5788238cba0be1f8a32a4d8fa06fc22bbb
- Size
  
  274KB
- MD5
  
  ec30af9ac2c8683c79ad47c6dcfd562a
- SHA1
  
  bc4f82358a1bf48e95ddd52a160a7cd445671d6b
- SHA256
  
  edb633f7307ea2eb4e2d80fb17a18d5788238cba0be1f8a32a4d8fa06fc22bbb
- SHA512
  
  5042df48fb9130498275be00cdf8a85822eb5650d5eac7e0f17a0536ed6e5690b06f2856946b9dadbb9509406b55cd1101132d2368a058c73fcda20ca135abf5
- SSDEEP
  
  6144:a5XFPRHF2WfP1xefIkB0oSXwKaVFvg4/FQF:8ZHFjxo0rXwKaDgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy