smokeloader | ec7fd4877dd3899b94c6f43ec80a32d3c5d9d3b829f31b5a04c36938ab8b775b | Triage

Submit
Reports

Overview

overview

Static

static

c795d1ef23...d8.exe

windows7-x64

c795d1ef23...d8.exe

windows10-2004-x64

Sharing

General

Target

c795d1ef237730bb9bf062b13545a0e70496ce5d65899486d9e6942f8101bbd8
Size

105KB
Sample

221129-1eqqyadb4x
MD5

341014d2a78b220f9a6c4ea0833d5934
SHA1

d519be9b17775437d09358c7e78f79067312035c
SHA256

ec7fd4877dd3899b94c6f43ec80a32d3c5d9d3b829f31b5a04c36938ab8b775b
SHA512

19bcbed8c5acc1ff92e53ce187a2c747cb744790651372ce5dd439c2d4867e2ff6d50ba7acc7f0c0b83607373c61dce1915899c5d50c31333b5fa05c4e238f0a
SSDEEP

3072:Q/8WtfB9bhSHeypXjTxGDan5PkY851HSqmp:ShB9bhS+yljT8i1I91q

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

c795d1ef237730bb9bf062b13545a0e70496ce5d65899486d9e6942f8101bbd8.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c795d1ef237730bb9bf062b13545a0e70496ce5d65899486d9e6942f8101bbd8.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  c795d1ef237730bb9bf062b13545a0e70496ce5d65899486d9e6942f8101bbd8
- Size
  
  147KB
- MD5
  
  81f431a014c5efca427f30f1333cded2
- SHA1
  
  0001529f9857be9fbcd11cbc2db754181005c142
- SHA256
  
  c795d1ef237730bb9bf062b13545a0e70496ce5d65899486d9e6942f8101bbd8
- SHA512
  
  80353c091cbd8e03687c6fdf1db14ef16e8c49cec1744673fe426454d93d6d1ae1f0cd42facde52ff07f936e4db15580e470a0c7ef6991136f6c1c08d9f192c7
- SSDEEP
  
  3072:sW8cmk+Qeyn5SRP1hkHwIObL2+msNp70wUb7K:l+QeFRrMObphV
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy