smokeloader | 8b9f6c3a5fbdb1c6d14706a4c38da1ba3765faa90240e0143d29320e838cd8b4 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

8b9f6c3a5fbdb1c6d14706a4c38da1ba3765faa90240e0143d29320e838cd8b4
Size

186KB
Sample

230130-mewejabf3v
MD5

12b5e2feea02bea7a342e55bbec3e959
SHA1

cc6fdec0073598af59fc1f911bdb18e5fecd0751
SHA256

8b9f6c3a5fbdb1c6d14706a4c38da1ba3765faa90240e0143d29320e838cd8b4
SHA512

66a16b6387d9a724e4fae80c97de13608289c5c4549e797c00912d76143d5486ecb1446fb88effce3f6135046f89807fddc558956241e66d6a32f78c81dc840b
SSDEEP

3072:ia8igpXL9lCWh51fjUTzH4z9gEg7kIVWOtZQdDUguWgvoHqF:ypXL+WhITzH65OtGCv4

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

8b9f6c3a5fbdb1c6d14706a4c38da1ba3765faa90240e0143d29320e838cd8b4.exe

Resource

win10-20220901-en

smokeloader backdoor trojan

windows10-1703-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  8b9f6c3a5fbdb1c6d14706a4c38da1ba3765faa90240e0143d29320e838cd8b4
- Size
  
  186KB
- MD5
  
  12b5e2feea02bea7a342e55bbec3e959
- SHA1
  
  cc6fdec0073598af59fc1f911bdb18e5fecd0751
- SHA256
  
  8b9f6c3a5fbdb1c6d14706a4c38da1ba3765faa90240e0143d29320e838cd8b4
- SHA512
  
  66a16b6387d9a724e4fae80c97de13608289c5c4549e797c00912d76143d5486ecb1446fb88effce3f6135046f89807fddc558956241e66d6a32f78c81dc840b
- SSDEEP
  
  3072:ia8igpXL9lCWh51fjUTzH4z9gEg7kIVWOtZQdDUguWgvoHqF:ypXL+WhITzH65OtGCv4
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy