smokeloader | d91a4674343f13b0f6d683adc3280eb8c187a11c5b37102ef26c461780a8195f | Triage

Sharing

General

Target

d91a4674343f13b0f6d683adc3280eb8c187a11c5b37102ef26c461780a8195f
Size

146KB
Sample

221006-wd2plaadcn
MD5

9a4b68074d50033d99605121691cb1c4
SHA1

e3927a1e603cf85e6ac92a12e4701acc62f9b3de
SHA256

d91a4674343f13b0f6d683adc3280eb8c187a11c5b37102ef26c461780a8195f
SHA512

257455e13918a784d9720a4d3a72cc77f76359c6e14e5dcb56789bbf4ad244ce92bc3662cb1d2139d1662122f9fd0ac8868e95f591dc5483ed6d313314047f49
SSDEEP

3072:8e2s/xPLu1stElvdIYR0hJ11BtIpaJg8sRjIeER66SxL8O:8e1ZPLu1soIYSJRt2gMRsVR66gw

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  d91a4674343f13b0f6d683adc3280eb8c187a11c5b37102ef26c461780a8195f
- Size
  
  146KB
- MD5
  
  9a4b68074d50033d99605121691cb1c4
- SHA1
  
  e3927a1e603cf85e6ac92a12e4701acc62f9b3de
- SHA256
  
  d91a4674343f13b0f6d683adc3280eb8c187a11c5b37102ef26c461780a8195f
- SHA512
  
  257455e13918a784d9720a4d3a72cc77f76359c6e14e5dcb56789bbf4ad244ce92bc3662cb1d2139d1662122f9fd0ac8868e95f591dc5483ed6d313314047f49
- SSDEEP
  
  3072:8e2s/xPLu1stElvdIYR0hJ11BtIpaJg8sRjIeER66SxL8O:8e1ZPLu1soIYSJRt2gMRsVR66gw
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan