smokeloader | 3886b293db6254deffd11144d220bb8007676fd1306f5e517dcafb297cec71cb | Triage

Sharing

General

Target

3886b293db6254deffd11144d220bb8007676fd1306f5e517dcafb297cec71cb
Size

185KB
Sample

221123-l45h3adb22
MD5

263cd8df6bac6e35c2fd10b61d44d7a3
SHA1

4e3c677904ca5d96e61a7bfd3aea31c98964af50
SHA256

3886b293db6254deffd11144d220bb8007676fd1306f5e517dcafb297cec71cb
SHA512

7d6e03bbcc60eb1ec1088aea709f766ee806e6f793319669c92a5ec966a0efc0217b5a05d964fccbed7e3ac1f07cffd9dec79e0d661b95b1e2ef1ca03052e086
SSDEEP

3072:ElBJn99H1zcLmPZWAulD65N3v4/JXiWIw6fDgDMTlTlmOFmDS:UnFgLmPZbui34awMDgmlEMd

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  3886b293db6254deffd11144d220bb8007676fd1306f5e517dcafb297cec71cb
- Size
  
  185KB
- MD5
  
  263cd8df6bac6e35c2fd10b61d44d7a3
- SHA1
  
  4e3c677904ca5d96e61a7bfd3aea31c98964af50
- SHA256
  
  3886b293db6254deffd11144d220bb8007676fd1306f5e517dcafb297cec71cb
- SHA512
  
  7d6e03bbcc60eb1ec1088aea709f766ee806e6f793319669c92a5ec966a0efc0217b5a05d964fccbed7e3ac1f07cffd9dec79e0d661b95b1e2ef1ca03052e086
- SSDEEP
  
  3072:ElBJn99H1zcLmPZWAulD65N3v4/JXiWIw6fDgDMTlTlmOFmDS:UnFgLmPZbui34awMDgmlEMd
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan