smokeloader | eee254dda1325f5cee8e909d0bebf802bbfe480d015b48f053c2f59d0da6483c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eee254dda1325f5cee8e909d0bebf802bbfe480d015b48f053c2f59d0da6483c
Size

187KB
Sample

220923-z5marshhe9
MD5

b42c03f915be8cb352f6f3ae6f2f9017
SHA1

3659e21888dc7638519ea0969a4953cff458a264
SHA256

eee254dda1325f5cee8e909d0bebf802bbfe480d015b48f053c2f59d0da6483c
SHA512

33b58bc1e56237b114bf672b0a77912831d278707fa4bfdf56ed0d94b775da7f1972fb1f055dce593c2860492096df763a78c9e40757a646da7b6d02d61dc939
SSDEEP

3072:zKB8QZ2LrCzMA51o1qn6p0AHTejspxjzXNKsBI6Z7F/Pk44x:EuLoMgKB0AHijexjzXNKH

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  eee254dda1325f5cee8e909d0bebf802bbfe480d015b48f053c2f59d0da6483c
- Size
  
  187KB
- MD5
  
  b42c03f915be8cb352f6f3ae6f2f9017
- SHA1
  
  3659e21888dc7638519ea0969a4953cff458a264
- SHA256
  
  eee254dda1325f5cee8e909d0bebf802bbfe480d015b48f053c2f59d0da6483c
- SHA512
  
  33b58bc1e56237b114bf672b0a77912831d278707fa4bfdf56ed0d94b775da7f1972fb1f055dce593c2860492096df763a78c9e40757a646da7b6d02d61dc939
- SSDEEP
  
  3072:zKB8QZ2LrCzMA51o1qn6p0AHTejspxjzXNKsBI6Z7F/Pk44x:EuLoMgKB0AHijexjzXNKH
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan