smokeloader | 04755f8055d86e0c12b8175b14f53f891934a5461376f16b4b5478fffec32a8c | Triage

Submit
Reports

Overview

overview

Static

static

7da2afc012...de.exe

windows7-x64

7da2afc012...de.exe

windows10-2004-x64

Sharing

General

Target

7da2afc012fc12fa127178a6e8d465baad147fca443f2ff870762c14084757de
Size

104KB
Sample

221129-zm6lpaaa8x
MD5

ba4f220c486d8ad1424979cec420b202
SHA1

3986037d1235967def96834e6d5b178bf326d989
SHA256

04755f8055d86e0c12b8175b14f53f891934a5461376f16b4b5478fffec32a8c
SHA512

05b6c4b627cf38484e4414a90499577f6f4d94b41a6d67427a08249b79bbf4f24f9aff4c030a97a510eb080a9b42e972330454f2b0e89c30e8e77cae513bab25
SSDEEP

3072:Ag5JLkvNPBlpkpllDgyAYGkxbil5Fl2D61vsGDQ:A1P3epllDg9zkwtl2D+vsGE

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

7da2afc012fc12fa127178a6e8d465baad147fca443f2ff870762c14084757de.exe

Resource

win7-20221111-en

smokeloader backdoor trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

7da2afc012fc12fa127178a6e8d465baad147fca443f2ff870762c14084757de.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  7da2afc012fc12fa127178a6e8d465baad147fca443f2ff870762c14084757de
- Size
  
  147KB
- MD5
  
  e8454384e5ad625a0f53459ac275ef17
- SHA1
  
  c28c433d5fd66eb0fad3f749de0c3fec4f9a0fc9
- SHA256
  
  7da2afc012fc12fa127178a6e8d465baad147fca443f2ff870762c14084757de
- SHA512
  
  b348e1f8eb1131c1922e391f68a6adc8cae84b78e04bbfcb317726c3b02b37a9b63bd5333c447bb477812d49923bffb49abeb3717187dee02dde6c98076780b8
- SSDEEP
  
  3072:FYv+ORce3n5Rbe5Yo5YilqJP/hzJdBXSkD:Kr6ejbe5Dfy3xJ/i
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy