smokeloader | a6ef9d17ec98d77ce64e3e9a439ed970fe2f777086b07e6f11041e0258090642 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Sharing

General

Target

a6ef9d17ec98d77ce64e3e9a439ed970fe2f777086b07e6f11041e0258090642
Size

219KB
Sample

230930-vjbvpaeb4x
MD5

2629289c44d3d529f3b0e24847e6b3be
SHA1

3b663d337eb0371dad82cecd74719f48b9f9edec
SHA256

a6ef9d17ec98d77ce64e3e9a439ed970fe2f777086b07e6f11041e0258090642
SHA512

76ff1f5567490ec31db1813909f1160f0b1a2896a0f7a4651d6b0a90681ba74a7645759611a4c9c02f320d2bab7cd864c1ffb540c48bf2127087f46b908259f2
SSDEEP

3072:Ab+yxRTPcC9KQ/6XZe4nOLv5G9mHRSrU5B55/2aIYJ:AjcC97g84iR/x++Z2aI

Score

10^/10

smokeloader pub1 backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a6ef9d17ec98d77ce64e3e9a439ed970fe2f777086b07e6f11041e0258090642.exe

Resource

win10-20230915-en

smokeloader pub1 backdoor trojan

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2020

C2

http://host-file-host6.com/

http://host-host-file8.com/

rc4.i32

1
0x33f8f0d2

rc4.i32

1
0xaa0488bb

Targets

- Target
  
  a6ef9d17ec98d77ce64e3e9a439ed970fe2f777086b07e6f11041e0258090642
- Size
  
  219KB
- MD5
  
  2629289c44d3d529f3b0e24847e6b3be
- SHA1
  
  3b663d337eb0371dad82cecd74719f48b9f9edec
- SHA256
  
  a6ef9d17ec98d77ce64e3e9a439ed970fe2f777086b07e6f11041e0258090642
- SHA512
  
  76ff1f5567490ec31db1813909f1160f0b1a2896a0f7a4651d6b0a90681ba74a7645759611a4c9c02f320d2bab7cd864c1ffb540c48bf2127087f46b908259f2
- SSDEEP
  
  3072:Ab+yxRTPcC9KQ/6XZe4nOLv5G9mHRSrU5B55/2aIYJ:AjcC97g84iR/x++Z2aI
Score

10^/10

smokeloader pub1 backdoor trojan
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderpub1backdoortrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.