smokeloader | 79061b723aee5058268de0f5a71caa086b88ea76d566f68784967d406c65fb7d | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

79061b723aee5058268de0f5a71caa086b88ea76d566f68784967d406c65fb7d
Size

195KB
Sample

230206-dhdjfsfc4w
MD5

7eeaad9d84d40a4e1893ade902bb10be
SHA1

342c1d77e945f94ce949214a73e17b3b32b8ca1c
SHA256

79061b723aee5058268de0f5a71caa086b88ea76d566f68784967d406c65fb7d
SHA512

c735e4e07d681df2f9ac03b06fc0a319e034171e49b274d2667912385b53225cc8f86fa6b14c823180307cb7d32df3382b0ee6a1c1f337f3c3456e7868869c5d
SSDEEP

3072:nWaKOUu1E7/L8soLl3+yWrA+J5iLjLm2QCccwspGNdNooSjs:WaKjbULp+yScR9cxIkdPS

Score

10^/10

smokeloader backdoor discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

79061b723aee5058268de0f5a71caa086b88ea76d566f68784967d406c65fb7d.exe

Resource

win10v2004-20221111-en

smokeloader backdoor discovery trojan

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  79061b723aee5058268de0f5a71caa086b88ea76d566f68784967d406c65fb7d
- Size
  
  195KB
- MD5
  
  7eeaad9d84d40a4e1893ade902bb10be
- SHA1
  
  342c1d77e945f94ce949214a73e17b3b32b8ca1c
- SHA256
  
  79061b723aee5058268de0f5a71caa086b88ea76d566f68784967d406c65fb7d
- SHA512
  
  c735e4e07d681df2f9ac03b06fc0a319e034171e49b274d2667912385b53225cc8f86fa6b14c823180307cb7d32df3382b0ee6a1c1f337f3c3456e7868869c5d
- SSDEEP
  
  3072:nWaKOUu1E7/L8soLl3+yWrA+J5iLjLm2QCccwspGNdNooSjs:WaKjbULp+yScR9cxIkdPS
Score

10^/10

smokeloader backdoor discovery trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoordiscoverytrojan

© 2018-2025

Terms | Privacy