smokeloader | 5f3314f8e9b201972b6e685c80d10a51b421abaa8699eb8cc3f08fc3f52f4f8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f3314f8e9b201972b6e685c80d10a51b421abaa8699eb8cc3f08fc3f52f4f8d
Size

256KB
Sample

221027-fwgt5sahcp
MD5

121c80b88536276905c85fcb8b5e1dbf
SHA1

b7800d410d392123f8f6c996d18a1d9f4dc63097
SHA256

5f3314f8e9b201972b6e685c80d10a51b421abaa8699eb8cc3f08fc3f52f4f8d
SHA512

aeefed89a6be321763df36b87bdc411795e6678c5f6cf6e4186756e6447f33bdaa122d156f5b9dfaf8144a4e91e3a55b17813973d51bcf788a6df4c3d317c5ec
SSDEEP

3072:pXihFumr3/n8UigpTiEKkRvyqXz9rd17eAPCyPHyw3DxxOwBh:NWumr33ZiErn3de0C8B37X

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  5f3314f8e9b201972b6e685c80d10a51b421abaa8699eb8cc3f08fc3f52f4f8d
- Size
  
  256KB
- MD5
  
  121c80b88536276905c85fcb8b5e1dbf
- SHA1
  
  b7800d410d392123f8f6c996d18a1d9f4dc63097
- SHA256
  
  5f3314f8e9b201972b6e685c80d10a51b421abaa8699eb8cc3f08fc3f52f4f8d
- SHA512
  
  aeefed89a6be321763df36b87bdc411795e6678c5f6cf6e4186756e6447f33bdaa122d156f5b9dfaf8144a4e91e3a55b17813973d51bcf788a6df4c3d317c5ec
- SSDEEP
  
  3072:pXihFumr3/n8UigpTiEKkRvyqXz9rd17eAPCyPHyw3DxxOwBh:NWumr33ZiErn3de0C8B37X
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan