smokeloader | e4a3d5c424ff9572df88d66961157b285196df4a2bc12a1a091d93d4f5d1bf48 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e4a3d5c424ff9572df88d66961157b285196df4a2bc12a1a091d93d4f5d1bf48
Size

189KB
Sample

221121-xe5y3sgb6x
MD5

bdd76137cbdcc21c6637f007344dc50b
SHA1

2959a4ab3450efff4ecd44bbdfd980839a0da3f8
SHA256

e4a3d5c424ff9572df88d66961157b285196df4a2bc12a1a091d93d4f5d1bf48
SHA512

95946701c2535c999baa51a7b6dda8a903c56fafdcb686449dcbfcbc40324bb074d8f7718050870e86e761c530a59382968caeb788279dcea4ef26423b42f1f0
SSDEEP

3072:KQ5yPeB1qUWheah5PB29jQKcSFl1jVhm40A9xUpHAcAB:KQsC+eWB2lQg1eCPU

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  e4a3d5c424ff9572df88d66961157b285196df4a2bc12a1a091d93d4f5d1bf48
- Size
  
  189KB
- MD5
  
  bdd76137cbdcc21c6637f007344dc50b
- SHA1
  
  2959a4ab3450efff4ecd44bbdfd980839a0da3f8
- SHA256
  
  e4a3d5c424ff9572df88d66961157b285196df4a2bc12a1a091d93d4f5d1bf48
- SHA512
  
  95946701c2535c999baa51a7b6dda8a903c56fafdcb686449dcbfcbc40324bb074d8f7718050870e86e761c530a59382968caeb788279dcea4ef26423b42f1f0
- SSDEEP
  
  3072:KQ5yPeB1qUWheah5PB29jQKcSFl1jVhm40A9xUpHAcAB:KQsC+eWB2lQg1eCPU
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan