smokeloader | b08447f006f4ede6ae763799d9afc89f548d61838a2ccb72e612c1d65fa93382 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

b08447f006f4ede6ae763799d9afc89f548d61838a2ccb72e612c1d65fa93382
Size

274KB
Sample

221128-tty8asge49
MD5

8e878c65a7bf7bf6b14ef72b02f58278
SHA1

14df750d04c044b855db3bdce491e1b2c7b8393f
SHA256

b08447f006f4ede6ae763799d9afc89f548d61838a2ccb72e612c1d65fa93382
SHA512

f8185eb2a501b3c037454b54b88606099807d415c75af0349ccfceb1f3d8b44ab60cffff3e31246c45f1362dae22d22d745922b631d549c970acefb50818560a
SSDEEP

6144:fHeEArtt2WlrM5UlKPdrrORTTpoVFvg4/FQF:vn6ttrrM5UWdeBWDgSm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

b08447f006f4ede6ae763799d9afc89f548d61838a2ccb72e612c1d65fa93382.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b08447f006f4ede6ae763799d9afc89f548d61838a2ccb72e612c1d65fa93382
- Size
  
  274KB
- MD5
  
  8e878c65a7bf7bf6b14ef72b02f58278
- SHA1
  
  14df750d04c044b855db3bdce491e1b2c7b8393f
- SHA256
  
  b08447f006f4ede6ae763799d9afc89f548d61838a2ccb72e612c1d65fa93382
- SHA512
  
  f8185eb2a501b3c037454b54b88606099807d415c75af0349ccfceb1f3d8b44ab60cffff3e31246c45f1362dae22d22d745922b631d549c970acefb50818560a
- SSDEEP
  
  6144:fHeEArtt2WlrM5UlKPdrrORTTpoVFvg4/FQF:vn6ttrrM5UWdeBWDgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy