smokeloader | fcc91b2d22038dbc8fa9ce224c189fe6be4e99eb6fc25ade5cf815967c207865 | Triage

Sharing

General

Target

fcc91b2d22038dbc8fa9ce224c189fe6be4e99eb6fc25ade5cf815967c207865.exe
Size

266KB
Sample

221019-zy7ccsggh8
MD5

5487786bb3c17fc7f647ed91b5ab8fa8
SHA1

f691b6016a8809acc3e47cf58ab92dd907e8c921
SHA256

fcc91b2d22038dbc8fa9ce224c189fe6be4e99eb6fc25ade5cf815967c207865
SHA512

7cd00dc0838d45025d6ac234f9508c7fd4e4e6fd2d2c4562a09f4608a751484531191ba227b588234d1152c5cf0e97b72b54e2526cc24f04d8a1f7280d0e5d51
SSDEEP

6144:wBNyrCZUZB2Yu/fIGoBpmIuzbgwuNwVfs:wB8OZUZMIGoBNunng

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  fcc91b2d22038dbc8fa9ce224c189fe6be4e99eb6fc25ade5cf815967c207865.exe
- Size
  
  266KB
- MD5
  
  5487786bb3c17fc7f647ed91b5ab8fa8
- SHA1
  
  f691b6016a8809acc3e47cf58ab92dd907e8c921
- SHA256
  
  fcc91b2d22038dbc8fa9ce224c189fe6be4e99eb6fc25ade5cf815967c207865
- SHA512
  
  7cd00dc0838d45025d6ac234f9508c7fd4e4e6fd2d2c4562a09f4608a751484531191ba227b588234d1152c5cf0e97b72b54e2526cc24f04d8a1f7280d0e5d51
- SSDEEP
  
  6144:wBNyrCZUZB2Yu/fIGoBpmIuzbgwuNwVfs:wB8OZUZMIGoBNunng
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan