smokeloader | c3aafb91990239b44b5b5f3fe8f15838b58672832f8f30cb7b1634ecb33ee53d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

c3aafb91990239b44b5b5f3fe8f15838b58672832f8f30cb7b1634ecb33ee53d
Size

192KB
Sample

221201-1nxkvadh96
MD5

692ee5c6fd38d104ae764883c0389236
SHA1

fe1f49f6c12e02320353f0385d7e5bbcc2d3e04c
SHA256

c3aafb91990239b44b5b5f3fe8f15838b58672832f8f30cb7b1634ecb33ee53d
SHA512

b62e4843de8c48bc88dec92d2606fd224ac4ac28193acc3cda4d66853ee2aa1f055ea030e52c52109d5f234a7a3295721dab5ffbe65750a23af0549b6fc852f5
SSDEEP

3072:gkbak/JGBcVw8IJ5t/8FUd/1z7wKvej3RTBWFjFM/nRs9E3AZxpR/h8:gcVw8S8FU/zlmjG9vp

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

c3aafb91990239b44b5b5f3fe8f15838b58672832f8f30cb7b1634ecb33ee53d.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  c3aafb91990239b44b5b5f3fe8f15838b58672832f8f30cb7b1634ecb33ee53d
- Size
  
  192KB
- MD5
  
  692ee5c6fd38d104ae764883c0389236
- SHA1
  
  fe1f49f6c12e02320353f0385d7e5bbcc2d3e04c
- SHA256
  
  c3aafb91990239b44b5b5f3fe8f15838b58672832f8f30cb7b1634ecb33ee53d
- SHA512
  
  b62e4843de8c48bc88dec92d2606fd224ac4ac28193acc3cda4d66853ee2aa1f055ea030e52c52109d5f234a7a3295721dab5ffbe65750a23af0549b6fc852f5
- SSDEEP
  
  3072:gkbak/JGBcVw8IJ5t/8FUd/1z7wKvej3RTBWFjFM/nRs9E3AZxpR/h8:gcVw8S8FU/zlmjG9vp
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy