smokeloader | ddf9f6433a26cb20219f5e19cbe8262d0ee77ba919cde14eb3040428037b922f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

ddf9f6433a26cb20219f5e19cbe8262d0ee77ba919cde14eb3040428037b922f
Size

145KB
Sample

221129-mqqcnaec3x
MD5

1788aa2917f22b7b48d80394dc3a8301
SHA1

2449103880a74616185dec2114dcf91e4f01cb41
SHA256

ddf9f6433a26cb20219f5e19cbe8262d0ee77ba919cde14eb3040428037b922f
SHA512

f6cf1efe18ba23ea9b06746c8d263fdc5b3adcc68c224c9719584dd4d8f56d86968da750eaf971a02d5c4dcd7093efdf0c4736c54bc97794a5d1d280d387e179
SSDEEP

3072:cc6AFD/5AAEwihTU9giQW5KJTLlI7UKSCFxu:X6ulshTU9oW+IIKSo

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

ddf9f6433a26cb20219f5e19cbe8262d0ee77ba919cde14eb3040428037b922f.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddf9f6433a26cb20219f5e19cbe8262d0ee77ba919cde14eb3040428037b922f
- Size
  
  145KB
- MD5
  
  1788aa2917f22b7b48d80394dc3a8301
- SHA1
  
  2449103880a74616185dec2114dcf91e4f01cb41
- SHA256
  
  ddf9f6433a26cb20219f5e19cbe8262d0ee77ba919cde14eb3040428037b922f
- SHA512
  
  f6cf1efe18ba23ea9b06746c8d263fdc5b3adcc68c224c9719584dd4d8f56d86968da750eaf971a02d5c4dcd7093efdf0c4736c54bc97794a5d1d280d387e179
- SSDEEP
  
  3072:cc6AFD/5AAEwihTU9giQW5KJTLlI7UKSCFxu:X6ulshTU9oW+IIKSo
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy