smokeloader | 0eb2a571c5059cbfba0d7fbd6f04d4f5c24513a9be4253239f656ec3c60a31ec | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0eb2a571c5059cbfba0d7fbd6f04d4f5c24513a9be4253239f656ec3c60a31ec
Size

200KB
Sample

221205-mqyzssbf26
MD5

fb6cb22871e0de9614228806294cc188
SHA1

9f5fe9c923c5bda320f249e183811afd83f01f55
SHA256

0eb2a571c5059cbfba0d7fbd6f04d4f5c24513a9be4253239f656ec3c60a31ec
SHA512

09b276eb62d9066c8c0ee6b92b2452f9b07e757221b5d054aa9a86cb2ff56456358ac70f8aad7a7d542309cf66fba0adae43fd417059b661f459eff3cb6f3289
SSDEEP

3072:OdNWmNjEOiei5AMXGaqX3wMX8CGSDFhTDw02rwEINA+z:AiiMXAZvc02sEINA+

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

0eb2a571c5059cbfba0d7fbd6f04d4f5c24513a9be4253239f656ec3c60a31ec.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  0eb2a571c5059cbfba0d7fbd6f04d4f5c24513a9be4253239f656ec3c60a31ec
- Size
  
  200KB
- MD5
  
  fb6cb22871e0de9614228806294cc188
- SHA1
  
  9f5fe9c923c5bda320f249e183811afd83f01f55
- SHA256
  
  0eb2a571c5059cbfba0d7fbd6f04d4f5c24513a9be4253239f656ec3c60a31ec
- SHA512
  
  09b276eb62d9066c8c0ee6b92b2452f9b07e757221b5d054aa9a86cb2ff56456358ac70f8aad7a7d542309cf66fba0adae43fd417059b661f459eff3cb6f3289
- SSDEEP
  
  3072:OdNWmNjEOiei5AMXGaqX3wMX8CGSDFhTDw02rwEINA+z:AiiMXAZvc02sEINA+
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy