smokeloader | b2d67b33662d67cf67df6e52227008a0a9d782907814e098cebb12c1159c02da | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

b2d67b33662d67cf67df6e52227008a0a9d782907814e098cebb12c1159c02da
Size

325KB
Sample

230206-pdjepadg76
MD5

cb28cb6a4479bdcf031e1cfbceec7349
SHA1

dac836b25d613946262c98f2970932d7a9ed72ac
SHA256

b2d67b33662d67cf67df6e52227008a0a9d782907814e098cebb12c1159c02da
SHA512

ff6cd2b5fefe6ee0f55e677c7f306c8a1325fafd76a88b9654d39ad9a01846b28e31f37934de22d345be6be182e58788814ceb206557bb9b0515ff5e1e40ad4c
SSDEEP

6144:ExZLEmS0cqqF+yZ+9whUK/z20alQQGuk6oeC8L:ExZImSgf1uQGrmC8

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

b2d67b33662d67cf67df6e52227008a0a9d782907814e098cebb12c1159c02da.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  b2d67b33662d67cf67df6e52227008a0a9d782907814e098cebb12c1159c02da
- Size
  
  325KB
- MD5
  
  cb28cb6a4479bdcf031e1cfbceec7349
- SHA1
  
  dac836b25d613946262c98f2970932d7a9ed72ac
- SHA256
  
  b2d67b33662d67cf67df6e52227008a0a9d782907814e098cebb12c1159c02da
- SHA512
  
  ff6cd2b5fefe6ee0f55e677c7f306c8a1325fafd76a88b9654d39ad9a01846b28e31f37934de22d345be6be182e58788814ceb206557bb9b0515ff5e1e40ad4c
- SSDEEP
  
  6144:ExZLEmS0cqqF+yZ+9whUK/z20alQQGuk6oeC8L:ExZImSgf1uQGrmC8
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy