smokeloader | 285fc522f37347a181acf2a9148214e1d99207d4f637753718adb5afbd89fe6d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

285fc522f37347a181acf2a9148214e1d99207d4f637753718adb5afbd89fe6d
Size

334KB
Sample

230103-jfm8rsea4x
MD5

06e195f77d2a6df6a6aed4c4bce34bea
SHA1

2cc1b7c898cbee94012efd7c654db5db0a167c21
SHA256

285fc522f37347a181acf2a9148214e1d99207d4f637753718adb5afbd89fe6d
SHA512

f90087e5f67f33c6f1c39a3cfdc7cac334c28025236d56e343141635c73da39f37abea5e5d25f62f4f68df1981b45d02c2ddef3a3afb09f36d430330125afdeb
SSDEEP

6144:yvdLwX9lGRNFJMZyM4fjAWTM4xVvkHb+ewx:QdsX9gdJRMqXTMENi+r

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

285fc522f37347a181acf2a9148214e1d99207d4f637753718adb5afbd89fe6d.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  285fc522f37347a181acf2a9148214e1d99207d4f637753718adb5afbd89fe6d
- Size
  
  334KB
- MD5
  
  06e195f77d2a6df6a6aed4c4bce34bea
- SHA1
  
  2cc1b7c898cbee94012efd7c654db5db0a167c21
- SHA256
  
  285fc522f37347a181acf2a9148214e1d99207d4f637753718adb5afbd89fe6d
- SHA512
  
  f90087e5f67f33c6f1c39a3cfdc7cac334c28025236d56e343141635c73da39f37abea5e5d25f62f4f68df1981b45d02c2ddef3a3afb09f36d430330125afdeb
- SSDEEP
  
  6144:yvdLwX9lGRNFJMZyM4fjAWTM4xVvkHb+ewx:QdsX9gdJRMqXTMENi+r
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy