smokeloader | 937413cbeaa17df4521d89722acfaa72d3ebde85dcb2a8704dab7b7189683be2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

937413cbeaa17df4521d89722acfaa72d3ebde85dcb2a8704dab7b7189683be2
Size

260KB
Sample

221029-nrwrhafaal
MD5

b9466c49e194e2e88175e26338444208
SHA1

7181d6a2b3d1a6eae00fc5bfb914789f44772a5b
SHA256

937413cbeaa17df4521d89722acfaa72d3ebde85dcb2a8704dab7b7189683be2
SHA512

f6894012c6eb3921825d552b2f173efc9f5e49da31345e9b17fd6e6443e38d2ead53dd01a50f645e1b2023c0ba191def2c2c565d3ff44056b0cca690412c058f
SSDEEP

3072:eHbo+B5c5LQIvo35V50sEwSStxRRXsKEiAM5y9DP4VwsS5IgQb9IjSjkKLz68M/V:d+Be5LQio+sdlbXNAM5Lw/hhjzeb

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  937413cbeaa17df4521d89722acfaa72d3ebde85dcb2a8704dab7b7189683be2
- Size
  
  260KB
- MD5
  
  b9466c49e194e2e88175e26338444208
- SHA1
  
  7181d6a2b3d1a6eae00fc5bfb914789f44772a5b
- SHA256
  
  937413cbeaa17df4521d89722acfaa72d3ebde85dcb2a8704dab7b7189683be2
- SHA512
  
  f6894012c6eb3921825d552b2f173efc9f5e49da31345e9b17fd6e6443e38d2ead53dd01a50f645e1b2023c0ba191def2c2c565d3ff44056b0cca690412c058f
- SSDEEP
  
  3072:eHbo+B5c5LQIvo35V50sEwSStxRRXsKEiAM5y9DP4VwsS5IgQb9IjSjkKLz68M/V:d+Be5LQio+sdlbXNAM5Lw/hhjzeb
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan