smokeloader | ea126da81631d2ff5e6d37214c50ad426b4f74971e38202f7f54018b876b4ec5 | Triage

Sharing

General

Target

ea126da81631d2ff5e6d37214c50ad426b4f74971e38202f7f54018b876b4ec5
Size

146KB
Sample

221006-gjsxbaggbl
MD5

6982568a7e1f632c04133cd5fc4b03e3
SHA1

ae3e5aad7cc7bb5289818434d80d50576624eaa8
SHA256

ea126da81631d2ff5e6d37214c50ad426b4f74971e38202f7f54018b876b4ec5
SHA512

65235485f753036c27ff1fa43bcdff0e7c98dc34d785375c530ca40433c396ddb353b05eebba1cde544576b24cea10b1780474bcf08e7cbefd37ad993ead6c18
SSDEEP

3072:EcAJvVzM++pkt54AViD1fyBMsKrJL0y9O:fmdaEGQ2UM7Ln9

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  ea126da81631d2ff5e6d37214c50ad426b4f74971e38202f7f54018b876b4ec5
- Size
  
  146KB
- MD5
  
  6982568a7e1f632c04133cd5fc4b03e3
- SHA1
  
  ae3e5aad7cc7bb5289818434d80d50576624eaa8
- SHA256
  
  ea126da81631d2ff5e6d37214c50ad426b4f74971e38202f7f54018b876b4ec5
- SHA512
  
  65235485f753036c27ff1fa43bcdff0e7c98dc34d785375c530ca40433c396ddb353b05eebba1cde544576b24cea10b1780474bcf08e7cbefd37ad993ead6c18
- SSDEEP
  
  3072:EcAJvVzM++pkt54AViD1fyBMsKrJL0y9O:fmdaEGQ2UM7Ln9
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan