smokeloader | 8a7947d78886677ab54ad417277476ca2601ef622190bb8babef966a90f4fa32 | Triage

Resubmissions

05/10/2022, 20:13

221005-yznqzafea6 10

05/10/2022, 19:04

221005-xq1thafcf5 10

Sharing

Copy URL Twitter E-mail

General

Target

8a7947d78886677ab54ad417277476ca2601ef622190bb8babef966a90f4fa32
Size

272KB
Sample

221005-yznqzafea6
MD5

675e9414a68b50c67bc00e57c6ca449f
SHA1

d6ca1d548c5cadffc8560d26e644976f038f6b94
SHA256

8a7947d78886677ab54ad417277476ca2601ef622190bb8babef966a90f4fa32
SHA512

0ed80413536b5679a5ba9c3bec2acc647886ecc8523036aa36154b6bff0df50735699f8ee7854656ed65b9875f5ff57dc9230873e1f3cb329a06a4d3418dbce2
SSDEEP

6144:ZWvk2wwLVejbo9RYW/qXyEFGyT+Buzbgwu6K8wVfU4:Zewwhejq6W/qzhTIunnhK04

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  8a7947d78886677ab54ad417277476ca2601ef622190bb8babef966a90f4fa32
- Size
  
  272KB
- MD5
  
  675e9414a68b50c67bc00e57c6ca449f
- SHA1
  
  d6ca1d548c5cadffc8560d26e644976f038f6b94
- SHA256
  
  8a7947d78886677ab54ad417277476ca2601ef622190bb8babef966a90f4fa32
- SHA512
  
  0ed80413536b5679a5ba9c3bec2acc647886ecc8523036aa36154b6bff0df50735699f8ee7854656ed65b9875f5ff57dc9230873e1f3cb329a06a4d3418dbce2
- SSDEEP
  
  6144:ZWvk2wwLVejbo9RYW/qXyEFGyT+Buzbgwu6K8wVfU4:Zewwhejq6W/qzhTIunnhK04
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan