smokeloader | bbce2762d2cf06a4cbeae8b8eca305986c8ede78877bca908d80d522ac874f40 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

bbce2762d2cf06a4cbeae8b8eca305986c8ede78877bca908d80d522ac874f40
Size

218KB
Sample

221220-mkad9ahc63
MD5

0139b09e55c73d86375be0662c5674b9
SHA1

32c9ee8ac02ef2d8c6d49229c5891a96f983e487
SHA256

bbce2762d2cf06a4cbeae8b8eca305986c8ede78877bca908d80d522ac874f40
SHA512

a83854daeb1a27cecfaa1b119c2a6502c33b4dd7c55ded378e4e35a770bbc6bc1e1e10cdd86a042112300cfa77d0614a4af4414cb8f8320e8acc6ef5721de8fd
SSDEEP

3072:f9p8+LkEERQGHRACUE6zANxp/XMGyt3VW7b/FnlcNHCDml:fH8+Lk3Rge6k3WfVOtkCa

Score

10^/10

smokeloader systembc backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

bbce2762d2cf06a4cbeae8b8eca305986c8ede78877bca908d80d522ac874f40.exe

Resource

win10v2004-20221111-en

smokeloader systembc backdoor trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

systembc

C2

109.205.214.18:443

Targets

- Target
  
  bbce2762d2cf06a4cbeae8b8eca305986c8ede78877bca908d80d522ac874f40
- Size
  
  218KB
- MD5
  
  0139b09e55c73d86375be0662c5674b9
- SHA1
  
  32c9ee8ac02ef2d8c6d49229c5891a96f983e487
- SHA256
  
  bbce2762d2cf06a4cbeae8b8eca305986c8ede78877bca908d80d522ac874f40
- SHA512
  
  a83854daeb1a27cecfaa1b119c2a6502c33b4dd7c55ded378e4e35a770bbc6bc1e1e10cdd86a042112300cfa77d0614a4af4414cb8f8320e8acc6ef5721de8fd
- SSDEEP
  
  3072:f9p8+LkEERQGHRACUE6zANxp/XMGyt3VW7b/FnlcNHCDml:fH8+Lk3Rge6k3WfVOtkCa
Score

10^/10

smokeloader systembc backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloadersystembcbackdoortrojan

© 2018-2024

Terms | Privacy