smokeloader | 834343c552dbcdbdb420dbb882bf134323d076f2dab499442a1b51fd27ecff15 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

834343c552dbcdbdb420dbb882bf134323d076f2dab499442a1b51fd27ecff15
Size

217KB
Sample

230818-pz2hdshe43
MD5

d5ce19b90ee52a63f519b658ca534a5d
SHA1

205d2b87317600675b7fd8ec24defa86fcc1391e
SHA256

834343c552dbcdbdb420dbb882bf134323d076f2dab499442a1b51fd27ecff15
SHA512

b66d438107fe0a61e58325c2afb946be193fb8fe4147f731a4fce0ec4a826ef23a6e0816b3e8839516071acd7a7df1bc2f0a5d39deae3fe4589bc7fda2f6075d
SSDEEP

3072:mFW6antL7HAqfFOx6X4rv5oTk0hQ+q2KZ+2m0AhuF45cUDW+EI:sWntL7AqfFOx6X4rv5os2KZOYTUDW+N

Score

10^/10

smokeloader pub1 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

834343c552dbcdbdb420dbb882bf134323d076f2dab499442a1b51fd27ecff15.exe

Resource

win10v2004-20230703-en

smokeloader pub1 backdoor trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2020

C2

http://host-file-host6.com/

http://host-host-file8.com/

rc4.i32

rc4.i32

Targets

- Target
  
  834343c552dbcdbdb420dbb882bf134323d076f2dab499442a1b51fd27ecff15
- Size
  
  217KB
- MD5
  
  d5ce19b90ee52a63f519b658ca534a5d
- SHA1
  
  205d2b87317600675b7fd8ec24defa86fcc1391e
- SHA256
  
  834343c552dbcdbdb420dbb882bf134323d076f2dab499442a1b51fd27ecff15
- SHA512
  
  b66d438107fe0a61e58325c2afb946be193fb8fe4147f731a4fce0ec4a826ef23a6e0816b3e8839516071acd7a7df1bc2f0a5d39deae3fe4589bc7fda2f6075d
- SSDEEP
  
  3072:mFW6antL7HAqfFOx6X4rv5oTk0hQ+q2KZ+2m0AhuF45cUDW+EI:sWntL7AqfFOx6X4rv5os2KZOYTUDW+N
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

© 2018-2024

Terms | Privacy