smokeloader | c0f878edbe2f866d194b574bbf1f096ead0701f661766a791c06035def343587 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

c0f878edbe2f866d194b574bbf1f096ead0701f661766a791c06035def343587
Size

239KB
Sample

230101-gn6nzabc42
MD5

a107c678b1a5cc20064cdda3f40f2936
SHA1

91a3638c22a90f43ee0e481057ffbbf20c608d5c
SHA256

c0f878edbe2f866d194b574bbf1f096ead0701f661766a791c06035def343587
SHA512

879c1bf4b545f61f488140ef00bdb53ec206716c5ebd0d5b66b8b74d847247599a9cca18a732a8a17ef43a40742453fd1d17556d15624a281c27aec682b9a37e
SSDEEP

3072:zX84m0oLpVY+21I5UURvjgG4TwUlCTSk3+5iismqfISE27hZY:rcLB212VV4TwUgTSU+ZfoRZY

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

c0f878edbe2f866d194b574bbf1f096ead0701f661766a791c06035def343587.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  c0f878edbe2f866d194b574bbf1f096ead0701f661766a791c06035def343587
- Size
  
  239KB
- MD5
  
  a107c678b1a5cc20064cdda3f40f2936
- SHA1
  
  91a3638c22a90f43ee0e481057ffbbf20c608d5c
- SHA256
  
  c0f878edbe2f866d194b574bbf1f096ead0701f661766a791c06035def343587
- SHA512
  
  879c1bf4b545f61f488140ef00bdb53ec206716c5ebd0d5b66b8b74d847247599a9cca18a732a8a17ef43a40742453fd1d17556d15624a281c27aec682b9a37e
- SSDEEP
  
  3072:zX84m0oLpVY+21I5UURvjgG4TwUlCTSk3+5iismqfISE27hZY:rcLB212VV4TwUgTSU+ZfoRZY
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy