smokeloader | de97cb8ac270803038f51586f061bce7575a6df7c8f51087a2ba5654658fe8ff | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

de97cb8ac270803038f51586f061bce7575a6df7c8f51087a2ba5654658fe8ff
Size

274KB
Sample

221206-fc7apacd9t
MD5

1f6c3ca67c5c8ba25586cf3dcfc092fa
SHA1

0b890781827011488566dd24a01fecdf81bba422
SHA256

de97cb8ac270803038f51586f061bce7575a6df7c8f51087a2ba5654658fe8ff
SHA512

4ef443e2fe5b652bd38dadbe1d9208267f20eb45c0dac9a600bf00b4a92e08f1f06be81a6f42659de83ee72efc5d8c81769e888ce77d7f5e15df1b45d0442552
SSDEEP

6144:4t7d2ssmt1pcsMuDauZnvnGwIDcy1CtVS:4t52EtFMuDrZn/QDcoCtVS

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

de97cb8ac270803038f51586f061bce7575a6df7c8f51087a2ba5654658fe8ff.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  de97cb8ac270803038f51586f061bce7575a6df7c8f51087a2ba5654658fe8ff
- Size
  
  274KB
- MD5
  
  1f6c3ca67c5c8ba25586cf3dcfc092fa
- SHA1
  
  0b890781827011488566dd24a01fecdf81bba422
- SHA256
  
  de97cb8ac270803038f51586f061bce7575a6df7c8f51087a2ba5654658fe8ff
- SHA512
  
  4ef443e2fe5b652bd38dadbe1d9208267f20eb45c0dac9a600bf00b4a92e08f1f06be81a6f42659de83ee72efc5d8c81769e888ce77d7f5e15df1b45d0442552
- SSDEEP
  
  6144:4t7d2ssmt1pcsMuDauZnvnGwIDcy1CtVS:4t52EtFMuDrZn/QDcoCtVS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy