smokeloader | 415863c6cc22a405d8e00c37017884fb09e65f736f191b27992631f1135e312c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

147KB
Sample

221001-t5yqxagcf6
MD5

0735b9330ef57d808031ab091b7c1ab3
SHA1

6224f88db4ebf56b87295dc8319dcd90cf22a51e
SHA256

415863c6cc22a405d8e00c37017884fb09e65f736f191b27992631f1135e312c
SHA512

6b22dee6a1caa665a5585c5e86b34d283d6de24ea13149783b4a91fc43cab6e8dec2a46bf60e4e3cf26ae1388d56b0ac80eb550dcc93a266e662d6f8437d1e45
SSDEEP

1536:Krn4MiBfSsY6AWFTd2ZGRe3a+e+miLO8WL6oKgSfJjJRWE8yWVXWkkRnVN5+jnZF:KrtQ6ZGRM3e+m381oK7gpWkez+NSS7

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  147KB
- MD5
  
  0735b9330ef57d808031ab091b7c1ab3
- SHA1
  
  6224f88db4ebf56b87295dc8319dcd90cf22a51e
- SHA256
  
  415863c6cc22a405d8e00c37017884fb09e65f736f191b27992631f1135e312c
- SHA512
  
  6b22dee6a1caa665a5585c5e86b34d283d6de24ea13149783b4a91fc43cab6e8dec2a46bf60e4e3cf26ae1388d56b0ac80eb550dcc93a266e662d6f8437d1e45
- SSDEEP
  
  1536:Krn4MiBfSsY6AWFTd2ZGRe3a+e+miLO8WL6oKgSfJjJRWE8yWVXWkkRnVN5+jnZF:KrtQ6ZGRM3e+m381oK7gpWkez+NSS7
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan