smokeloader | e393488653a9316ffae14cc8a2b7e347c8ad3d3fd2d12b21165323eff3f0db47 | Triage

Sharing

General

Target

e393488653a9316ffae14cc8a2b7e347c8ad3d3fd2d12b21165323eff3f0db47
Size

185KB
Sample

221123-mq4kaaaa3s
MD5

be15ee66c14a98e64c2b169f4b9e76d0
SHA1

532a8aff2dee5571fc92598d5d5863f80172d8ca
SHA256

e393488653a9316ffae14cc8a2b7e347c8ad3d3fd2d12b21165323eff3f0db47
SHA512

809857f4391ea058837f7a3c75854012d308b793083643e6f3bcfc5cebcd06fc386069369ef85635147fd8a9e8811a03997eecacc498ac6bdcd0d49d4e6f171d
SSDEEP

3072:Zqlo9F7qLbo23p4WjvO54h2AuzgBUe5Osvsm6ZD6RyoSmdAn02iWPM5:YltLbL3p4wAzgBUe5OsvD6QyoFMTU

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  e393488653a9316ffae14cc8a2b7e347c8ad3d3fd2d12b21165323eff3f0db47
- Size
  
  185KB
- MD5
  
  be15ee66c14a98e64c2b169f4b9e76d0
- SHA1
  
  532a8aff2dee5571fc92598d5d5863f80172d8ca
- SHA256
  
  e393488653a9316ffae14cc8a2b7e347c8ad3d3fd2d12b21165323eff3f0db47
- SHA512
  
  809857f4391ea058837f7a3c75854012d308b793083643e6f3bcfc5cebcd06fc386069369ef85635147fd8a9e8811a03997eecacc498ac6bdcd0d49d4e6f171d
- SSDEEP
  
  3072:Zqlo9F7qLbo23p4WjvO54h2AuzgBUe5Osvsm6ZD6RyoSmdAn02iWPM5:YltLbL3p4wAzgBUe5OsvD6QyoFMTU
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan