smokeloader | 7699f177ac460a22196c43a506659c5b276a3482b0b96ddadc89d1ef24d82361 | Triage

Submit
Reports

Overview

overview

Static

static

6da8b0ea2a...5b.exe

windows7-x64

6da8b0ea2a...5b.exe

windows10-2004-x64

Sharing

General

Target

6da8b0ea2a9c4e73a194ae77666bacd0b1fe74930839df0b33397fc050b80e5b
Size

176KB
Sample

221206-dqv4gahc52
MD5

efd018a36c5e46de14cd03e69188246d
SHA1

ad1d7f0a20835ed7f6b50f803e7724471043fc45
SHA256

7699f177ac460a22196c43a506659c5b276a3482b0b96ddadc89d1ef24d82361
SHA512

233cc8c0ca9157c3b711d57211bbfc2e5504254a85411a04eeb8ba24ddf1b03b94cf3a4714f29da5c849a66e887757ce3f58550eabd336871c5085fec28801a7
SSDEEP

3072:HxveLgBxgkBbs6NXX4rmoru1z/aKtxBsiwIzg7ikzA39y5zlTXYLXi:HxvrBxgkO6NXemDt/aKL/u9AAzoTi

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6da8b0ea2a9c4e73a194ae77666bacd0b1fe74930839df0b33397fc050b80e5b.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6da8b0ea2a9c4e73a194ae77666bacd0b1fe74930839df0b33397fc050b80e5b.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  6da8b0ea2a9c4e73a194ae77666bacd0b1fe74930839df0b33397fc050b80e5b
- Size
  
  274KB
- MD5
  
  346c9edec6b579659ce2497acd6f23c5
- SHA1
  
  65e7713acb3f4e7bd87ce8caa93728cbd9ab151d
- SHA256
  
  6da8b0ea2a9c4e73a194ae77666bacd0b1fe74930839df0b33397fc050b80e5b
- SHA512
  
  b76cee33b702998b98bfef18221223f1b2e48d1e3c2fa817c97355759756f26ceb98ac5fff555d2b187c89daed90ac0dc8c1ac11b0e289f7d4f88fcf9727c636
- SSDEEP
  
  3072:9vUXVTEY3LK7x/dZ6TWR5Jiigwuwh/aKtxBsjtysXbiVRvJTcp4Jwc/zWQuYgV2R:JQKdZ6ysEh/aKLfWbIDcSLWVS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy