smokeloader | 7666517e0a3c68a39f0ef2d7231c440a6d7e98dfc38a8c30c2fb86c4bd652b1d | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

7666517e0a3c68a39f0ef2d7231c440a6d7e98dfc38a8c30c2fb86c4bd652b1d
Size

192KB
Sample

230204-z9vspsaa5v
MD5

520a5461798bdf11b75766a4e8d9767f
SHA1

09277566f7ff560789d7ce7c0182b5f3053e189d
SHA256

7666517e0a3c68a39f0ef2d7231c440a6d7e98dfc38a8c30c2fb86c4bd652b1d
SHA512

7e193c84e725d8b399aecd07ddcd93ceb223179e1c802f38f1a0bc5f5b8ad2a20dafca366a31fad29b4737c9916833817a12407bbb5fd875ff8956a88e76116c
SSDEEP

3072:4M/O5ZmLn7nLXwHWDL58NjlEhICMhxzO6ytZA2ztIvUrlkNh7ogse1Fm:4M/JnnLgHLNjqhI/kVxIvQlSbsI

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

7666517e0a3c68a39f0ef2d7231c440a6d7e98dfc38a8c30c2fb86c4bd652b1d.exe

Resource

win10-20220812-en

smokeloader backdoor trojan

windows10-1703-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  7666517e0a3c68a39f0ef2d7231c440a6d7e98dfc38a8c30c2fb86c4bd652b1d
- Size
  
  192KB
- MD5
  
  520a5461798bdf11b75766a4e8d9767f
- SHA1
  
  09277566f7ff560789d7ce7c0182b5f3053e189d
- SHA256
  
  7666517e0a3c68a39f0ef2d7231c440a6d7e98dfc38a8c30c2fb86c4bd652b1d
- SHA512
  
  7e193c84e725d8b399aecd07ddcd93ceb223179e1c802f38f1a0bc5f5b8ad2a20dafca366a31fad29b4737c9916833817a12407bbb5fd875ff8956a88e76116c
- SSDEEP
  
  3072:4M/O5ZmLn7nLXwHWDL58NjlEhICMhxzO6ytZA2ztIvUrlkNh7ogse1Fm:4M/JnnLgHLNjqhI/kVxIvQlSbsI
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy