smokeloader | 01930f8a8e24321878ded532eed1e396f818af2386782032ce0d8418a6fcd289 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

01930f8a8e24321878ded532eed1e396f818af2386782032ce0d8418a6fcd289
Size

274KB
Sample

221128-vstrvsbe95
MD5

22bf43e74f1301bcc364ed4820efbed2
SHA1

9ed0faf3ae513560662ea2bb435d1402f8e545e4
SHA256

01930f8a8e24321878ded532eed1e396f818af2386782032ce0d8418a6fcd289
SHA512

8bd261ee8b95418d5461dce933e600e78c433ba4db9372fbacf30bdd739b487d10000d27022cdb502a3d5451d1eb14b6b54e8699f5477f78f908f441111418c5
SSDEEP

6144:HAIyX7GU2W8qsW/WjfrRWBg9+t7VFvg4/FQF:qrGUiqg/9+t7DgSm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

01930f8a8e24321878ded532eed1e396f818af2386782032ce0d8418a6fcd289.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  01930f8a8e24321878ded532eed1e396f818af2386782032ce0d8418a6fcd289
- Size
  
  274KB
- MD5
  
  22bf43e74f1301bcc364ed4820efbed2
- SHA1
  
  9ed0faf3ae513560662ea2bb435d1402f8e545e4
- SHA256
  
  01930f8a8e24321878ded532eed1e396f818af2386782032ce0d8418a6fcd289
- SHA512
  
  8bd261ee8b95418d5461dce933e600e78c433ba4db9372fbacf30bdd739b487d10000d27022cdb502a3d5451d1eb14b6b54e8699f5477f78f908f441111418c5
- SSDEEP
  
  6144:HAIyX7GU2W8qsW/WjfrRWBg9+t7VFvg4/FQF:qrGUiqg/9+t7DgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy