smokeloader | 90679b4a0cb26f6038a05cfd8270d46a5b3c4995bbaf59efd6d3e5de4fdc29e5 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

90679b4a0cb26f6038a05cfd8270d46a5b3c4995bbaf59efd6d3e5de4fdc29e5
Size

312KB
Sample

221229-v8lq7adf38
MD5

e4f0b0d9139ec1eb82dc9cc1e20af7b4
SHA1

26a3a97f08ad1f75e423c9e5065cc8f1144ba84f
SHA256

90679b4a0cb26f6038a05cfd8270d46a5b3c4995bbaf59efd6d3e5de4fdc29e5
SHA512

3adec6e9cf5c7ac60f85adb18077ffa1639caf978bfa50ec83629b81984416b723c4e0b5f7982e3e1ee456b8c1496fab737c699a72f188e6c50d43ea199fba8b
SSDEEP

3072:Q3DLOYedv5MoJptICka6L1qZDUs6G+gSENrOKbIxe01Cz5Mqdqujodd/Jc5793Be:MLOYeMoLtBD6G+3yIxZ1WqqdS09R

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

90679b4a0cb26f6038a05cfd8270d46a5b3c4995bbaf59efd6d3e5de4fdc29e5.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  90679b4a0cb26f6038a05cfd8270d46a5b3c4995bbaf59efd6d3e5de4fdc29e5
- Size
  
  312KB
- MD5
  
  e4f0b0d9139ec1eb82dc9cc1e20af7b4
- SHA1
  
  26a3a97f08ad1f75e423c9e5065cc8f1144ba84f
- SHA256
  
  90679b4a0cb26f6038a05cfd8270d46a5b3c4995bbaf59efd6d3e5de4fdc29e5
- SHA512
  
  3adec6e9cf5c7ac60f85adb18077ffa1639caf978bfa50ec83629b81984416b723c4e0b5f7982e3e1ee456b8c1496fab737c699a72f188e6c50d43ea199fba8b
- SSDEEP
  
  3072:Q3DLOYedv5MoJptICka6L1qZDUs6G+gSENrOKbIxe01Cz5Mqdqujodd/Jc5793Be:MLOYeMoLtBD6G+3yIxZ1WqqdS09R
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy