smokeloader | 8efce4e7e3c1a753e03a7726011103bcd54c1c27f41acc01a48a21c8bdf0eb63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

279KB
Sample

221005-pvlldaeefr
MD5

0deda5a40fdb8fd510f497b180d5026a
SHA1

542c93dec52734061f6a8e54c3c3117d99fe807e
SHA256

8efce4e7e3c1a753e03a7726011103bcd54c1c27f41acc01a48a21c8bdf0eb63
SHA512

f599208b237d3c52d4b09ebe9a4b0b6c5f78375d39f0acc384591974e4c2d89bf6db6dbe4c6de6ca8efa932d56c13d73182b9684e894beaa185be65510200c6b
SSDEEP

6144:s1hkqaLKKrv/zeHCdQoBojuzbgwumjpjwVfU:s1OqaVrvL2CNEunnBN5

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  279KB
- MD5
  
  0deda5a40fdb8fd510f497b180d5026a
- SHA1
  
  542c93dec52734061f6a8e54c3c3117d99fe807e
- SHA256
  
  8efce4e7e3c1a753e03a7726011103bcd54c1c27f41acc01a48a21c8bdf0eb63
- SHA512
  
  f599208b237d3c52d4b09ebe9a4b0b6c5f78375d39f0acc384591974e4c2d89bf6db6dbe4c6de6ca8efa932d56c13d73182b9684e894beaa185be65510200c6b
- SSDEEP
  
  6144:s1hkqaLKKrv/zeHCdQoBojuzbgwumjpjwVfU:s1OqaVrvL2CNEunnBN5
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan