smokeloader | 9d0ed29da9c72921ceac602504df0abe90d6c17a9f7dfa14a81c86dabcfb9c14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

153KB
Sample

220926-k9lsgaacc9
MD5

f3be15e87c00f23212cf9d35ee75c2d0
SHA1

15000eada216d5d108c88d35b2e02e22c17be884
SHA256

9d0ed29da9c72921ceac602504df0abe90d6c17a9f7dfa14a81c86dabcfb9c14
SHA512

a54ccc9b2c72988231ff2486c9d7e975e64ba72a8aca0b5697c29532c68bc9b5727b7fef53f2ffc09b6eb95d35c9ede45524fdea0221ee410cb8ee073de478b7
SSDEEP

3072:FwNJjwz5iX3qHhsEz0soRYCdUX7X2dM0wYM0EVBJh3g46J8+5B:Ausa1iwJYMjxhw46a

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  153KB
- MD5
  
  f3be15e87c00f23212cf9d35ee75c2d0
- SHA1
  
  15000eada216d5d108c88d35b2e02e22c17be884
- SHA256
  
  9d0ed29da9c72921ceac602504df0abe90d6c17a9f7dfa14a81c86dabcfb9c14
- SHA512
  
  a54ccc9b2c72988231ff2486c9d7e975e64ba72a8aca0b5697c29532c68bc9b5727b7fef53f2ffc09b6eb95d35c9ede45524fdea0221ee410cb8ee073de478b7
- SSDEEP
  
  3072:FwNJjwz5iX3qHhsEz0soRYCdUX7X2dM0wYM0EVBJh3g46J8+5B:Ausa1iwJYMjxhw46a
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan