smokeloader | 822d1e3b72d036ceb5798950dcce44a2fec8c14ecac3f6fa291b1274484c59f6 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

822d1e3b72d036ceb5798950dcce44a2fec8c14ecac3f6fa291b1274484c59f6
Size

147KB
Sample

221129-y6efwagc2v
MD5

fa9a085d579c1f06b6cfd9a780359b6e
SHA1

72da3a2b8c47d827c16192863d71c4e57b6fd992
SHA256

822d1e3b72d036ceb5798950dcce44a2fec8c14ecac3f6fa291b1274484c59f6
SHA512

6e85cdee7479aa75f059592a74bda361e0d679bab5be7cf0a9e75a2fc5f5880a1b34042df5aaf8c9eaeecfad96f2a4d4bc2575622185ba19c5c1bf5da408b1c2
SSDEEP

3072:XD2qjwGoZ2nNp58g2V+xZe1mox+naEY5OFJZR:VjAZ2egFx9ox+5Y2R

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

822d1e3b72d036ceb5798950dcce44a2fec8c14ecac3f6fa291b1274484c59f6.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  822d1e3b72d036ceb5798950dcce44a2fec8c14ecac3f6fa291b1274484c59f6
- Size
  
  147KB
- MD5
  
  fa9a085d579c1f06b6cfd9a780359b6e
- SHA1
  
  72da3a2b8c47d827c16192863d71c4e57b6fd992
- SHA256
  
  822d1e3b72d036ceb5798950dcce44a2fec8c14ecac3f6fa291b1274484c59f6
- SHA512
  
  6e85cdee7479aa75f059592a74bda361e0d679bab5be7cf0a9e75a2fc5f5880a1b34042df5aaf8c9eaeecfad96f2a4d4bc2575622185ba19c5c1bf5da408b1c2
- SSDEEP
  
  3072:XD2qjwGoZ2nNp58g2V+xZe1mox+naEY5OFJZR:VjAZ2egFx9ox+5Y2R
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy