smokeloader | 80a16afe7c2a26670bc256951005f4823489a5fb68bda784b090bcd971c8ce9f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

80a16afe7c2a26670bc256951005f4823489a5fb68bda784b090bcd971c8ce9f
Size

274KB
Sample

221128-tq9jvsbh9y
MD5

22be309b69dbaef6b473778ee49d809e
SHA1

9cb98b13a0183249fd0d1d2d653ad803034c4301
SHA256

80a16afe7c2a26670bc256951005f4823489a5fb68bda784b090bcd971c8ce9f
SHA512

f4a00857067d09cc945e58d949c616f9075331cd5141469595f91ca6cf240c09a3d4a9a6ba9dda37d13bd98f95c288030070734967f8788f1ad8e56f8d34bf15
SSDEEP

6144:2GlDRMg2WdTGhaGCkF6vQURVFvg4/FQF:J1MgrNGCkF6vQcDgSm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

80a16afe7c2a26670bc256951005f4823489a5fb68bda784b090bcd971c8ce9f.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  80a16afe7c2a26670bc256951005f4823489a5fb68bda784b090bcd971c8ce9f
- Size
  
  274KB
- MD5
  
  22be309b69dbaef6b473778ee49d809e
- SHA1
  
  9cb98b13a0183249fd0d1d2d653ad803034c4301
- SHA256
  
  80a16afe7c2a26670bc256951005f4823489a5fb68bda784b090bcd971c8ce9f
- SHA512
  
  f4a00857067d09cc945e58d949c616f9075331cd5141469595f91ca6cf240c09a3d4a9a6ba9dda37d13bd98f95c288030070734967f8788f1ad8e56f8d34bf15
- SSDEEP
  
  6144:2GlDRMg2WdTGhaGCkF6vQURVFvg4/FQF:J1MgrNGCkF6vQcDgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy