smokeloader | 9668ae47fef38bddebcff440619f04646785cf39283145fb59253588dd8be550 | Triage

Sharing

General

Target

9668ae47fef38bddebcff440619f04646785cf39283145fb59253588dd8be550
Size

265KB
Sample

221004-ycrjcacedl
MD5

ad9b489c554662e0542cdb9352eead7f
SHA1

c789a87e6a840bdf02fbb30c5a61cb7057c8ab1f
SHA256

9668ae47fef38bddebcff440619f04646785cf39283145fb59253588dd8be550
SHA512

959bb1d850943b11ee45a2d07bcd0a1aa1a6b4139a924f81646d8928ec754c274596badca9dd788e746eadb44a6ebda715881f8a7b3c566f1e0eec09fba0a78e
SSDEEP

3072:cXhowSUWLyaFvP896zSU55/O7P1nlfT2sXQNU9lH88UWrxpzbgqru+CkVpZa9uDr:YNKL/Uk5/O7dnlVXntUuzbgwuKVwVf

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  9668ae47fef38bddebcff440619f04646785cf39283145fb59253588dd8be550
- Size
  
  265KB
- MD5
  
  ad9b489c554662e0542cdb9352eead7f
- SHA1
  
  c789a87e6a840bdf02fbb30c5a61cb7057c8ab1f
- SHA256
  
  9668ae47fef38bddebcff440619f04646785cf39283145fb59253588dd8be550
- SHA512
  
  959bb1d850943b11ee45a2d07bcd0a1aa1a6b4139a924f81646d8928ec754c274596badca9dd788e746eadb44a6ebda715881f8a7b3c566f1e0eec09fba0a78e
- SSDEEP
  
  3072:cXhowSUWLyaFvP896zSU55/O7P1nlfT2sXQNU9lH88UWrxpzbgqru+CkVpZa9uDr:YNKL/Uk5/O7dnlVXntUuzbgwuKVwVf
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan