smokeloader | 6422f4557c2e828568ff72792171a70532fb8be1e7f456d83760dbc3630b86c0 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

6422f4557c2e828568ff72792171a70532fb8be1e7f456d83760dbc3630b86c0
Size

316KB
Sample

230306-j7xarabc54
MD5

eca49b2c5a4a93873f6e4fcc951b8bd7
SHA1

8e3ce74dd53b87b91ec22d0c93cdcad588547219
SHA256

6422f4557c2e828568ff72792171a70532fb8be1e7f456d83760dbc3630b86c0
SHA512

c27aa021fc6eae4bad58be9fa5c470e71019e4af8d52522b71d3dc9815984845a6793c057230e21b3aa4f87cdc9b26cb985f38ec5a4905f3e9da03fc414f0271
SSDEEP

3072:8dIToMrCZLkcOLnrMORDVsaLiaKXG881McAHe9UG47r4mLDI:SIbrkLULrnVsaeaKZ8mcA+4gm

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

6422f4557c2e828568ff72792171a70532fb8be1e7f456d83760dbc3630b86c0.exe

Resource

win10v2004-20230220-en

smokeloader backdoor trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://host-file-host6.com/

http://host-host-file8.com/

rc4.i32

rc4.i32

Targets

- Target
  
  6422f4557c2e828568ff72792171a70532fb8be1e7f456d83760dbc3630b86c0
- Size
  
  316KB
- MD5
  
  eca49b2c5a4a93873f6e4fcc951b8bd7
- SHA1
  
  8e3ce74dd53b87b91ec22d0c93cdcad588547219
- SHA256
  
  6422f4557c2e828568ff72792171a70532fb8be1e7f456d83760dbc3630b86c0
- SHA512
  
  c27aa021fc6eae4bad58be9fa5c470e71019e4af8d52522b71d3dc9815984845a6793c057230e21b3aa4f87cdc9b26cb985f38ec5a4905f3e9da03fc414f0271
- SSDEEP
  
  3072:8dIToMrCZLkcOLnrMORDVsaLiaKXG881McAHe9UG47r4mLDI:SIbrkLULrnVsaeaKZ8mcA+4gm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

© 2018-2025

Terms | Privacy