smokeloader | dcf966eead7681ec35151399018ff5eac7450c1b98a3ce1e3717a5eb01d70fe2 | Triage

Sharing

General

Target

dcf966eead7681ec35151399018ff5eac7450c1b98a3ce1e3717a5eb01d70fe2
Size

169KB
Sample

220923-h7cqnshdgk
MD5

59d22ed8b05f61e9293e7321e491fcf0
SHA1

351d88257e3055b973b9cb2c384cf0a9c3a45695
SHA256

dcf966eead7681ec35151399018ff5eac7450c1b98a3ce1e3717a5eb01d70fe2
SHA512

385250729e5853e237620c3eaa05df7149a06565b80b6ab6822318794b6bbf6153c8909fcacecc698f31cde1e60cdddbad3c8ab782b51f8460fd25c3a2402b46
SSDEEP

3072:8guELk5/5nc9xwk3A++PuXbVe7axvB5iGm6/PkW4n:9JLOVcwk35+PGhl8

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  dcf966eead7681ec35151399018ff5eac7450c1b98a3ce1e3717a5eb01d70fe2
- Size
  
  169KB
- MD5
  
  59d22ed8b05f61e9293e7321e491fcf0
- SHA1
  
  351d88257e3055b973b9cb2c384cf0a9c3a45695
- SHA256
  
  dcf966eead7681ec35151399018ff5eac7450c1b98a3ce1e3717a5eb01d70fe2
- SHA512
  
  385250729e5853e237620c3eaa05df7149a06565b80b6ab6822318794b6bbf6153c8909fcacecc698f31cde1e60cdddbad3c8ab782b51f8460fd25c3a2402b46
- SSDEEP
  
  3072:8guELk5/5nc9xwk3A++PuXbVe7axvB5iGm6/PkW4n:9JLOVcwk35+PGhl8
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan