smokeloader | f93ba32f22e747dec19ebdf57fc8b1f775feca04f70a69d0660b905956b246f4 | Triage

Sharing

General

Target

f93ba32f22e747dec19ebdf57fc8b1f775feca04f70a69d0660b905956b246f4
Size

144KB
Sample

221001-p679hsgae6
MD5

3508ff32f2a887c1e452f01d11e1646b
SHA1

1b57b9527a6e7f76d4a532f98a0bf6cfa738e29f
SHA256

f93ba32f22e747dec19ebdf57fc8b1f775feca04f70a69d0660b905956b246f4
SHA512

0b64825535c0379179e00fe3fcb2ebb482af5fb182557aaffa4c3a1133bb7b41460a4747e6d20a757755b20f6f2c58f2c128e3d1ae00c09fa78c30c6f81bfc36
SSDEEP

3072:h6rNR6+ZRRuQ4ed/ndZm0+YDVvM1jpvDhGuvF:QR6SR/y70v4pDNvF

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  f93ba32f22e747dec19ebdf57fc8b1f775feca04f70a69d0660b905956b246f4
- Size
  
  144KB
- MD5
  
  3508ff32f2a887c1e452f01d11e1646b
- SHA1
  
  1b57b9527a6e7f76d4a532f98a0bf6cfa738e29f
- SHA256
  
  f93ba32f22e747dec19ebdf57fc8b1f775feca04f70a69d0660b905956b246f4
- SHA512
  
  0b64825535c0379179e00fe3fcb2ebb482af5fb182557aaffa4c3a1133bb7b41460a4747e6d20a757755b20f6f2c58f2c128e3d1ae00c09fa78c30c6f81bfc36
- SSDEEP
  
  3072:h6rNR6+ZRRuQ4ed/ndZm0+YDVvM1jpvDhGuvF:QR6SR/y70v4pDNvF
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan