smokeloader | ebfb4d57d2cc2dd63ca6a22574800239c9822c86770620c43d976ca9535c74a9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebfb4d57d2cc2dd63ca6a22574800239c9822c86770620c43d976ca9535c74a9
Size

228KB
Sample

221019-shgcnsdddr
MD5

49cd4c24be22f9e3b65dfa49c6ac187a
SHA1

fb5c3c9897d5c4957dc026dd75f90b7a250bc00f
SHA256

ebfb4d57d2cc2dd63ca6a22574800239c9822c86770620c43d976ca9535c74a9
SHA512

23426bb27c35e68dd2ede2476f5f1063233f8eaa00a4fcf5884852386f15c15b4793c1201deb7303020b93ca57acf4c441363139c6b9219020f4bf0d8f44e5c3
SSDEEP

3072:2uGZt0wyAQoPr4kgmL6OBtWfgG6FetDFl45vgW+jnGKDtFKIEaJraBsYp9v/ZJO:2uC0LoTtLdBt6/xqgNjhKIEaeLv

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  ebfb4d57d2cc2dd63ca6a22574800239c9822c86770620c43d976ca9535c74a9
- Size
  
  228KB
- MD5
  
  49cd4c24be22f9e3b65dfa49c6ac187a
- SHA1
  
  fb5c3c9897d5c4957dc026dd75f90b7a250bc00f
- SHA256
  
  ebfb4d57d2cc2dd63ca6a22574800239c9822c86770620c43d976ca9535c74a9
- SHA512
  
  23426bb27c35e68dd2ede2476f5f1063233f8eaa00a4fcf5884852386f15c15b4793c1201deb7303020b93ca57acf4c441363139c6b9219020f4bf0d8f44e5c3
- SSDEEP
  
  3072:2uGZt0wyAQoPr4kgmL6OBtWfgG6FetDFl45vgW+jnGKDtFKIEaJraBsYp9v/ZJO:2uC0LoTtLdBt6/xqgNjhKIEaeLv
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan