smokeloader | f2b0d5b9d896a562b7cfb3977e19b352c295ffe6d99f7b0a1687ea7cde3c5f8d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

f2b0d5b9d896a562b7cfb3977e19b352c295ffe6d99f7b0a1687ea7cde3c5f8d
Size

274KB
Sample

221128-w8nffsbh9s
MD5

d014c4d510cf4de79bb3816a1a4cb9f1
SHA1

507a9897f2b0d6efac4eff8ca835a42f8fd38f81
SHA256

f2b0d5b9d896a562b7cfb3977e19b352c295ffe6d99f7b0a1687ea7cde3c5f8d
SHA512

2a76ef452cd5bb7f3c553f627e273fba394946c837400f82e3f37935856fc5aa70565d536d327945113a65fc37cd09dfb9b405a1f998e3bd6efdb5efb4743817
SSDEEP

6144:i7CXlrjC2W5dAmcGscF7+V5mVFvg4/FQF:75jCXWCoSDgSm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

f2b0d5b9d896a562b7cfb3977e19b352c295ffe6d99f7b0a1687ea7cde3c5f8d.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f2b0d5b9d896a562b7cfb3977e19b352c295ffe6d99f7b0a1687ea7cde3c5f8d
- Size
  
  274KB
- MD5
  
  d014c4d510cf4de79bb3816a1a4cb9f1
- SHA1
  
  507a9897f2b0d6efac4eff8ca835a42f8fd38f81
- SHA256
  
  f2b0d5b9d896a562b7cfb3977e19b352c295ffe6d99f7b0a1687ea7cde3c5f8d
- SHA512
  
  2a76ef452cd5bb7f3c553f627e273fba394946c837400f82e3f37935856fc5aa70565d536d327945113a65fc37cd09dfb9b405a1f998e3bd6efdb5efb4743817
- SSDEEP
  
  6144:i7CXlrjC2W5dAmcGscF7+V5mVFvg4/FQF:75jCXWCoSDgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy