smokeloader | 441d07c173ac9893425a224edff31d105744e6a3deace091d719e5465a554c8c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

128KB
Sample

220926-vn4q9sbde3
MD5

960cd6e35ff135fd78c4db373a20138a
SHA1

1fb5b4ded8dfd6c69c4c228316b0c9bf2c67e9f8
SHA256

441d07c173ac9893425a224edff31d105744e6a3deace091d719e5465a554c8c
SHA512

e2d5fd93316500d5fe8c9e1e39173c627ef54a00134db283024dc5e702c64a15a3f347e356b7f5233b0fc172fe9b18d69ecea2f5648d3d3ba95df0e4e3c9c8f8
SSDEEP

3072:XhFHTc5tWCFYqrZuUxgH2um04AbSY4s32bzu5B:m6qrZrgHK04lHs3

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  128KB
- MD5
  
  960cd6e35ff135fd78c4db373a20138a
- SHA1
  
  1fb5b4ded8dfd6c69c4c228316b0c9bf2c67e9f8
- SHA256
  
  441d07c173ac9893425a224edff31d105744e6a3deace091d719e5465a554c8c
- SHA512
  
  e2d5fd93316500d5fe8c9e1e39173c627ef54a00134db283024dc5e702c64a15a3f347e356b7f5233b0fc172fe9b18d69ecea2f5648d3d3ba95df0e4e3c9c8f8
- SSDEEP
  
  3072:XhFHTc5tWCFYqrZuUxgH2um04AbSY4s32bzu5B:m6qrZrgHK04lHs3
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan