smokeloader | 1bf5c01b8ffbe00de4fe6cd25e0b2b61e172888a33485aee7923965d86b6a36e | Triage

Sharing

General

Target

1bf5c01b8ffbe00de4fe6cd25e0b2b61e172888a33485aee7923965d86b6a36e
Size

294KB
Sample

221008-eqs5jseag3
MD5

d2bd054fa91c2fed8d1389777851722b
SHA1

3d5a0bae7998e454664db2fab20a7394d11aac9f
SHA256

1bf5c01b8ffbe00de4fe6cd25e0b2b61e172888a33485aee7923965d86b6a36e
SHA512

3222e0cd59e89d3c7352c013f01ad0bf88e94671ef967a2f6d842cd63e7ef784a3b930a4da1b8093de9ed1d304ca769e5e03386a037efe9a5a19f0494c9197e5
SSDEEP

6144:pp4NSd0bVGSJ3aD3Ot+oMe17ITsqeewVf6XO:pRxaqzZbe17RW

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  1bf5c01b8ffbe00de4fe6cd25e0b2b61e172888a33485aee7923965d86b6a36e
- Size
  
  294KB
- MD5
  
  d2bd054fa91c2fed8d1389777851722b
- SHA1
  
  3d5a0bae7998e454664db2fab20a7394d11aac9f
- SHA256
  
  1bf5c01b8ffbe00de4fe6cd25e0b2b61e172888a33485aee7923965d86b6a36e
- SHA512
  
  3222e0cd59e89d3c7352c013f01ad0bf88e94671ef967a2f6d842cd63e7ef784a3b930a4da1b8093de9ed1d304ca769e5e03386a037efe9a5a19f0494c9197e5
- SSDEEP
  
  6144:pp4NSd0bVGSJ3aD3Ot+oMe17ITsqeewVf6XO:pRxaqzZbe17RW
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan