smokeloader | 55fd3e0f9b6d100b718f0dcd7769b437e02eefb348581c3334524bd2f5beeee0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

175KB
Sample

220925-yx89wshbfm
MD5

91f6588e4dceef88a1bfeb1048e72f06
SHA1

c84fef2e0139bd8f53d4e4dde55fcbcb2215356f
SHA256

55fd3e0f9b6d100b718f0dcd7769b437e02eefb348581c3334524bd2f5beeee0
SHA512

a625a320c69e2b7ec0a1b40d1662899ed29c224e30a4eab57c0f86c8fa1ea520b287e485810ffc027eac2b07f9dd3d4818dd7119e00026665921712e26f2792b
SSDEEP

3072:HliojXGPzz5Y5HsYEdlpin8klDCOzmagZBPJSLyP5x:am5HsYEryblDXz3L

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  175KB
- MD5
  
  91f6588e4dceef88a1bfeb1048e72f06
- SHA1
  
  c84fef2e0139bd8f53d4e4dde55fcbcb2215356f
- SHA256
  
  55fd3e0f9b6d100b718f0dcd7769b437e02eefb348581c3334524bd2f5beeee0
- SHA512
  
  a625a320c69e2b7ec0a1b40d1662899ed29c224e30a4eab57c0f86c8fa1ea520b287e485810ffc027eac2b07f9dd3d4818dd7119e00026665921712e26f2792b
- SSDEEP
  
  3072:HliojXGPzz5Y5HsYEdlpin8klDCOzmagZBPJSLyP5x:am5HsYEryblDXz3L
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan