smokeloader | cf05eb67c83f275518f0ca50f1e71ed26a6b7361d26b15be821f85fc791ad1cb | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

cf05eb67c83f275518f0ca50f1e71ed26a6b7361d26b15be821f85fc791ad1cb
Size

146KB
Sample

221129-yvtresfa31
MD5

ce35e36e4cfe2fa6f701d6bc84e3dfcc
SHA1

7150ff484439c25af3a8563930aadb718b6a0f22
SHA256

cf05eb67c83f275518f0ca50f1e71ed26a6b7361d26b15be821f85fc791ad1cb
SHA512

b799b8476ab3c71f91026b90f2adef9494781d51a97f9047ebbd8f07f74128a0515fde68ee8424741246f72a469de4b9ca0a22344497db64ddda5e779b2e58ab
SSDEEP

3072:xODzGplxVIeoLy5KesJBx4P3Usgtvf/6CV2BvzX:iGpjCeoFl4PEsqv3zU

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

cf05eb67c83f275518f0ca50f1e71ed26a6b7361d26b15be821f85fc791ad1cb.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  cf05eb67c83f275518f0ca50f1e71ed26a6b7361d26b15be821f85fc791ad1cb
- Size
  
  146KB
- MD5
  
  ce35e36e4cfe2fa6f701d6bc84e3dfcc
- SHA1
  
  7150ff484439c25af3a8563930aadb718b6a0f22
- SHA256
  
  cf05eb67c83f275518f0ca50f1e71ed26a6b7361d26b15be821f85fc791ad1cb
- SHA512
  
  b799b8476ab3c71f91026b90f2adef9494781d51a97f9047ebbd8f07f74128a0515fde68ee8424741246f72a469de4b9ca0a22344497db64ddda5e779b2e58ab
- SSDEEP
  
  3072:xODzGplxVIeoLy5KesJBx4P3Usgtvf/6CV2BvzX:iGpjCeoFl4PEsqv3zU
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy