smokeloader | 8f0652222afead81b7dd875737b2f6a9b2074d376a3cbab0fe0ccee6bade3255 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

8f0652222afead81b7dd875737b2f6a9b2074d376a3cbab0fe0ccee6bade3255
Size

273KB
Sample

221206-edm3rshc82
MD5

6b5a9f6f8eb8a86bf9b662adbfa29779
SHA1

e82ada0fe40687bb9b9fa43bb02ee9b8981645c6
SHA256

8f0652222afead81b7dd875737b2f6a9b2074d376a3cbab0fe0ccee6bade3255
SHA512

2a983e3b5a866b3dd6d702e0f874c2f0b66ef6ea538ddd0d010facceed5f95689afffbb765ef676de4242b2a1d1ee16fc24bddc50799cfab0e4ddaa56222b524
SSDEEP

3072:ZZXVmhYLlPATgp6x3WR5yk8O+2ll6cXaz58QirdiVRvJTcp4lURsfYgV2qs64j:Z9XFp6xnVOzllNXaiQihIDcCGRAVS

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

8f0652222afead81b7dd875737b2f6a9b2074d376a3cbab0fe0ccee6bade3255.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  8f0652222afead81b7dd875737b2f6a9b2074d376a3cbab0fe0ccee6bade3255
- Size
  
  273KB
- MD5
  
  6b5a9f6f8eb8a86bf9b662adbfa29779
- SHA1
  
  e82ada0fe40687bb9b9fa43bb02ee9b8981645c6
- SHA256
  
  8f0652222afead81b7dd875737b2f6a9b2074d376a3cbab0fe0ccee6bade3255
- SHA512
  
  2a983e3b5a866b3dd6d702e0f874c2f0b66ef6ea538ddd0d010facceed5f95689afffbb765ef676de4242b2a1d1ee16fc24bddc50799cfab0e4ddaa56222b524
- SSDEEP
  
  3072:ZZXVmhYLlPATgp6x3WR5yk8O+2ll6cXaz58QirdiVRvJTcp4lURsfYgV2qs64j:Z9XFp6xnVOzllNXaiQihIDcCGRAVS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy