smokeloader | b527b5d1c692f55b851564677bddc2801e9b3bfad0cb933a0147a5272f6accbd | Triage

Sharing

General

Target

b527b5d1c692f55b851564677bddc2801e9b3bfad0cb933a0147a5272f6accbd
Size

197KB
Sample

220925-bsmtrseadl
MD5

bff123c598046c26ec80c8754d3f2801
SHA1

0cb7789e925d9a0965b8418667720201d11f8de4
SHA256

b527b5d1c692f55b851564677bddc2801e9b3bfad0cb933a0147a5272f6accbd
SHA512

656cd9cdeea6a083e268aadbb61e8c08051ffabc8a4c502c1ffb24cdf49400b3fd1b991418446947cf628079278aa818bbd514c3c998b98a44f0ec42d4ace003
SSDEEP

3072:/2KsULf4ZZhN5leceupXij5N8I+9DhABVLWM9YLL/PkkXx:LLCZPeDu45+RaWM9k

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  b527b5d1c692f55b851564677bddc2801e9b3bfad0cb933a0147a5272f6accbd
- Size
  
  197KB
- MD5
  
  bff123c598046c26ec80c8754d3f2801
- SHA1
  
  0cb7789e925d9a0965b8418667720201d11f8de4
- SHA256
  
  b527b5d1c692f55b851564677bddc2801e9b3bfad0cb933a0147a5272f6accbd
- SHA512
  
  656cd9cdeea6a083e268aadbb61e8c08051ffabc8a4c502c1ffb24cdf49400b3fd1b991418446947cf628079278aa818bbd514c3c998b98a44f0ec42d4ace003
- SSDEEP
  
  3072:/2KsULf4ZZhN5leceupXij5N8I+9DhABVLWM9YLL/PkkXx:LLCZPeDu45+RaWM9k
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan