smokeloader | f013c3ca65988e33a69ab268d6d191788166c3debc7e5054bf241f78ec6b872f | Triage

Sharing

General

Target

f013c3ca65988e33a69ab268d6d191788166c3debc7e5054bf241f78ec6b872f
Size

145KB
Sample

221006-dqk89sgdgl
MD5

6e78204a9c3287b2540490beb5ee5d89
SHA1

cb8db6fb43e9dd63a5fc6a08a61ab844f8d01225
SHA256

f013c3ca65988e33a69ab268d6d191788166c3debc7e5054bf241f78ec6b872f
SHA512

aadff8c9575f7c22e710f41e5c44214a148f64da4476ea939aa4e4d91d4237193a59f42822e5eef66587732c962e356b5ec2d7bb896be667f35095098ddffc21
SSDEEP

3072:73RFoGhfPle3FJPneN+sS8AL0pxfWuJ1kC8BGQPdGzlPM1O:j4G8Xnhs80iuJUBL4Ja

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  f013c3ca65988e33a69ab268d6d191788166c3debc7e5054bf241f78ec6b872f
- Size
  
  145KB
- MD5
  
  6e78204a9c3287b2540490beb5ee5d89
- SHA1
  
  cb8db6fb43e9dd63a5fc6a08a61ab844f8d01225
- SHA256
  
  f013c3ca65988e33a69ab268d6d191788166c3debc7e5054bf241f78ec6b872f
- SHA512
  
  aadff8c9575f7c22e710f41e5c44214a148f64da4476ea939aa4e4d91d4237193a59f42822e5eef66587732c962e356b5ec2d7bb896be667f35095098ddffc21
- SSDEEP
  
  3072:73RFoGhfPle3FJPneN+sS8AL0pxfWuJ1kC8BGQPdGzlPM1O:j4G8Xnhs80iuJUBL4Ja
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan