smokeloader | e59cd16900841918c790e69b0adfa583ae483fe8956bd91e23f57683e93b2f6b | Triage

Sharing

General

Target

040bee531281dd8fcfe6d8ced3d5378bac12faa67fa5f972693560c361dec0ed
Size

126KB
Sample

221123-1b76taeh72
MD5

cdc78ecf955641680c57ede4a6d2d3b4
SHA1

b3e2b3224d59f61fca250612a5dbb8a3fee29dea
SHA256

e59cd16900841918c790e69b0adfa583ae483fe8956bd91e23f57683e93b2f6b
SHA512

9d5c7551c9663a6f5a551657627ab28c216c6f0ca270e75d6eb610c07884ab91757f0ae88b4dc679bc4b8e59c2cec922223fa7b9e4c0ed9db779653acd945bb0
SSDEEP

3072:oVldpC5ek0kXlRBdQO31uoaLZMKAfLx55wAaXGMs9knms:oXS5hdVR0guJox55ZaXGvs

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  040bee531281dd8fcfe6d8ced3d5378bac12faa67fa5f972693560c361dec0ed
- Size
  
  186KB
- MD5
  
  190218cd1f147ff77bd6c1e667b496c4
- SHA1
  
  f53c0d0bc50447fc83fd79d342932870b18a5517
- SHA256
  
  040bee531281dd8fcfe6d8ced3d5378bac12faa67fa5f972693560c361dec0ed
- SHA512
  
  d723d0f5d0dbb7c79d4276effe177e88024b28d4dbeaf4b8a76c2958f5d19b1a5496c4b8574b5f97bd42a38183e71db9656e95aaf5b0f7b60d587e3ab12358f4
- SSDEEP
  
  3072:Uuu8l+NkLRZ6cZW0bk5kBhmL3x55wAaXGMsxiu0nMMw:fuILnhZzj/mL3x55ZaXGxiu0n
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan