smokeloader | 2f152c473416e5b18cdfa302704cd092954163e1e1877b47c28e8582f5c469c6 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

2f152c473416e5b18cdfa302704cd092954163e1e1877b47c28e8582f5c469c6
Size

274KB
Sample

221128-vsctcabe72
MD5

e0ac38adcdc1b497312d341577de215e
SHA1

9efd70e3ed9a55e4a9626a099352fe372f906300
SHA256

2f152c473416e5b18cdfa302704cd092954163e1e1877b47c28e8582f5c469c6
SHA512

ee32ceccb2d46fa62d48399406ec18ca925ab4b99be4528da416631a678e4fbe57fdbf3ebee7cbb1320df084301204bee634cb148c775b5149cc370ed85e8aad
SSDEEP

6144:f7ls7w02WMf++Y7qZqWZq7EVFvg4/FQF:Zaw0s+5qZddDgSm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

2f152c473416e5b18cdfa302704cd092954163e1e1877b47c28e8582f5c469c6.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f152c473416e5b18cdfa302704cd092954163e1e1877b47c28e8582f5c469c6
- Size
  
  274KB
- MD5
  
  e0ac38adcdc1b497312d341577de215e
- SHA1
  
  9efd70e3ed9a55e4a9626a099352fe372f906300
- SHA256
  
  2f152c473416e5b18cdfa302704cd092954163e1e1877b47c28e8582f5c469c6
- SHA512
  
  ee32ceccb2d46fa62d48399406ec18ca925ab4b99be4528da416631a678e4fbe57fdbf3ebee7cbb1320df084301204bee634cb148c775b5149cc370ed85e8aad
- SSDEEP
  
  6144:f7ls7w02WMf++Y7qZqWZq7EVFvg4/FQF:Zaw0s+5qZddDgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy