smokeloader | 55b1cf688ddd0c8eb1c27a72739365fd6589c0d16f45443ab164cc0e7f9fca41 | Triage

Sharing

General

Target

55b1cf688ddd0c8eb1c27a72739365fd6589c0d16f45443ab164cc0e7f9fca41
Size

169KB
Sample

220923-hd7zqahcgr
MD5

f7f3c2fe5ebeb43994b00a6b223ae698
SHA1

1c5106430b43b484a83c76ba0c4dc9563404fb1b
SHA256

55b1cf688ddd0c8eb1c27a72739365fd6589c0d16f45443ab164cc0e7f9fca41
SHA512

90adf357314a225a66585068561f5e5ae4a4db3d2e71d0e9d93a0b8a1b3680afacaf59333ee4fefbc17d3380e91f4f57ced67d4e83d7f066871d840af10385bd
SSDEEP

3072:IF8LHx5csvn69d0Ht7jJSUXvRHtOZjBAs4rD03/PkWDn:xLHgsv69dDUpHtnJ

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  55b1cf688ddd0c8eb1c27a72739365fd6589c0d16f45443ab164cc0e7f9fca41
- Size
  
  169KB
- MD5
  
  f7f3c2fe5ebeb43994b00a6b223ae698
- SHA1
  
  1c5106430b43b484a83c76ba0c4dc9563404fb1b
- SHA256
  
  55b1cf688ddd0c8eb1c27a72739365fd6589c0d16f45443ab164cc0e7f9fca41
- SHA512
  
  90adf357314a225a66585068561f5e5ae4a4db3d2e71d0e9d93a0b8a1b3680afacaf59333ee4fefbc17d3380e91f4f57ced67d4e83d7f066871d840af10385bd
- SSDEEP
  
  3072:IF8LHx5csvn69d0Ht7jJSUXvRHtOZjBAs4rD03/PkWDn:xLHgsv69dDUpHtnJ
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan