smokeloader | d9ac88908d7bd67f02cf7d0669ba2fccaf094f115960ac9fdeefebd65b15a362 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

d9ac88908d7bd67f02cf7d0669ba2fccaf094f115960ac9fdeefebd65b15a362
Size

139KB
Sample

221129-3wkbladc91
MD5

b738b6682db44163bcb88ea6cec604d5
SHA1

f4a147cbd15bafd1a132e4e1459d747c24d50b54
SHA256

d9ac88908d7bd67f02cf7d0669ba2fccaf094f115960ac9fdeefebd65b15a362
SHA512

03a0c20fbf3685ba17f2838c465c427fd0d075af8cc26d4eec6ecc09b0bffcf89a53bb7e8e9d1d25b04fa1df07c8846223883c62e33d02f67cad6bb57708b409
SSDEEP

3072:KTftXpr5RQhDIHbz0y0mPUlakbJPoGOP:wH0DIH30y0zltbdPOP

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

d9ac88908d7bd67f02cf7d0669ba2fccaf094f115960ac9fdeefebd65b15a362.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  d9ac88908d7bd67f02cf7d0669ba2fccaf094f115960ac9fdeefebd65b15a362
- Size
  
  139KB
- MD5
  
  b738b6682db44163bcb88ea6cec604d5
- SHA1
  
  f4a147cbd15bafd1a132e4e1459d747c24d50b54
- SHA256
  
  d9ac88908d7bd67f02cf7d0669ba2fccaf094f115960ac9fdeefebd65b15a362
- SHA512
  
  03a0c20fbf3685ba17f2838c465c427fd0d075af8cc26d4eec6ecc09b0bffcf89a53bb7e8e9d1d25b04fa1df07c8846223883c62e33d02f67cad6bb57708b409
- SSDEEP
  
  3072:KTftXpr5RQhDIHbz0y0mPUlakbJPoGOP:wH0DIH30y0zltbdPOP
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy