smokeloader | 4871e2f76348bd7dbfdfe25c1e70744f209e43f7ea60ab83c94b85ddea292bb7 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

4871e2f76348bd7dbfdfe25c1e70744f209e43f7ea60ab83c94b85ddea292bb7
Size

258KB
Sample

230116-fwj99shf76
MD5

0fea8e8cfd3de0b8f934dccf78c0e2c7
SHA1

d8e7bb6e00198b75763a99799d266f91868d93d0
SHA256

4871e2f76348bd7dbfdfe25c1e70744f209e43f7ea60ab83c94b85ddea292bb7
SHA512

88f1096f9226534dd4c38e492ea3c21e33e52c304db8d31ace64465686eda0d42601a05bc51e7268978b8f30434bff642d86eaa19b46fc92538c656c3a226095
SSDEEP

3072:wt6PNhhILjldwC4ixDvcElofeYy6Y9ers3Fw22g1c5UAZf7q/1iEcaVkQU:86VhWLjn14i9Ko6YIs3SHsc5U4zqQna

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

4871e2f76348bd7dbfdfe25c1e70744f209e43f7ea60ab83c94b85ddea292bb7.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  4871e2f76348bd7dbfdfe25c1e70744f209e43f7ea60ab83c94b85ddea292bb7
- Size
  
  258KB
- MD5
  
  0fea8e8cfd3de0b8f934dccf78c0e2c7
- SHA1
  
  d8e7bb6e00198b75763a99799d266f91868d93d0
- SHA256
  
  4871e2f76348bd7dbfdfe25c1e70744f209e43f7ea60ab83c94b85ddea292bb7
- SHA512
  
  88f1096f9226534dd4c38e492ea3c21e33e52c304db8d31ace64465686eda0d42601a05bc51e7268978b8f30434bff642d86eaa19b46fc92538c656c3a226095
- SSDEEP
  
  3072:wt6PNhhILjldwC4ixDvcElofeYy6Y9ers3Fw22g1c5UAZf7q/1iEcaVkQU:86VhWLjn14i9Ko6YIs3SHsc5U4zqQna
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy