smokeloader | 99872c156e74a697c2211c78af95688749bddce6d1970607acd1de16479f027a | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

99872c156e74a697c2211c78af95688749bddce6d1970607acd1de16479f027a
Size

225KB
Sample

230201-q6be8ahg55
MD5

841ad94638decf88198549851d091a9d
SHA1

2fc6b18a7803e3b35bf912e942f489a0636e2fd8
SHA256

99872c156e74a697c2211c78af95688749bddce6d1970607acd1de16479f027a
SHA512

5dd18e7ab219ba775969736e7752639e19dea9cee798ca632269ae97b1d17115d00a73d20c1eb1e76b8e8a6de8c56ddb6e3f8824932ba43724ceca27c825387e
SSDEEP

3072:QqsG38ViwcHMLtkWAmb5PC0Ok+TWwIZRZoD4ML3PyR/oxvLA4PpWwPFj:Qqs4HsLtkZmhClWzZR44M7Ko5LA4h

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

99872c156e74a697c2211c78af95688749bddce6d1970607acd1de16479f027a.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  99872c156e74a697c2211c78af95688749bddce6d1970607acd1de16479f027a
- Size
  
  225KB
- MD5
  
  841ad94638decf88198549851d091a9d
- SHA1
  
  2fc6b18a7803e3b35bf912e942f489a0636e2fd8
- SHA256
  
  99872c156e74a697c2211c78af95688749bddce6d1970607acd1de16479f027a
- SHA512
  
  5dd18e7ab219ba775969736e7752639e19dea9cee798ca632269ae97b1d17115d00a73d20c1eb1e76b8e8a6de8c56ddb6e3f8824932ba43724ceca27c825387e
- SSDEEP
  
  3072:QqsG38ViwcHMLtkWAmb5PC0Ok+TWwIZRZoD4ML3PyR/oxvLA4PpWwPFj:Qqs4HsLtkZmhClWzZR44M7Ko5LA4h
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy