smokeloader | 1b2917eef1c746cb0d47c758cc20ac218cca04de229b82775cee496bf72eadb2 | Triage

Sharing

General

Target

1b2917eef1c746cb0d47c758cc20ac218cca04de229b82775cee496bf72eadb2
Size

301KB
Sample

221012-j9gyvadadn
MD5

685ed61c239ce5b7f582eb367eee290f
SHA1

ea29d6c980eaca8dd33e408d2f0bf444354f5e07
SHA256

1b2917eef1c746cb0d47c758cc20ac218cca04de229b82775cee496bf72eadb2
SHA512

9447ce59bbbd3988e2b39945e8f09da7fb1be3e1305eaabad3ad730999de2dadc623ed302dfe609cc9bf6035c6b82e28a7c6ac2b9948355ee7a69a75a07bfc77
SSDEEP

6144:i7csKJ3seulMC5SH24b1EAWeigavwVfquS0n:iQz2euyC5SH24b4TZa

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  1b2917eef1c746cb0d47c758cc20ac218cca04de229b82775cee496bf72eadb2
- Size
  
  301KB
- MD5
  
  685ed61c239ce5b7f582eb367eee290f
- SHA1
  
  ea29d6c980eaca8dd33e408d2f0bf444354f5e07
- SHA256
  
  1b2917eef1c746cb0d47c758cc20ac218cca04de229b82775cee496bf72eadb2
- SHA512
  
  9447ce59bbbd3988e2b39945e8f09da7fb1be3e1305eaabad3ad730999de2dadc623ed302dfe609cc9bf6035c6b82e28a7c6ac2b9948355ee7a69a75a07bfc77
- SSDEEP
  
  6144:i7csKJ3seulMC5SH24b1EAWeigavwVfquS0n:iQz2euyC5SH24b4TZa
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan