smokeloader | 1c8f44a3c1d28496af209d24a68d30ff72a5b8cd7cc625a8739812d37fbe0671 | Triage

Sharing

General

Target

1c8f44a3c1d28496af209d24a68d30ff72a5b8cd7cc625a8739812d37fbe0671
Size

187KB
Sample

221123-qnttvahd7z
MD5

52f1b8b893671ec39ff07a984ae86021
SHA1

85ad4789e4f450336dee3597751ef6f0605fa409
SHA256

1c8f44a3c1d28496af209d24a68d30ff72a5b8cd7cc625a8739812d37fbe0671
SHA512

05c23ed6c63f223365715143296ee82dc524643447074c373bda06201abce9f076d980384e45bb286ad40db73d5caf3972551aa52e87b86ccd101e8a82a67b90
SSDEEP

3072:lehtfACnxTzLLSDWmns5N0XHq9ybRgCPNxP/b8Do+:EhxxLLSDVX3sc7FD0

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  1c8f44a3c1d28496af209d24a68d30ff72a5b8cd7cc625a8739812d37fbe0671
- Size
  
  187KB
- MD5
  
  52f1b8b893671ec39ff07a984ae86021
- SHA1
  
  85ad4789e4f450336dee3597751ef6f0605fa409
- SHA256
  
  1c8f44a3c1d28496af209d24a68d30ff72a5b8cd7cc625a8739812d37fbe0671
- SHA512
  
  05c23ed6c63f223365715143296ee82dc524643447074c373bda06201abce9f076d980384e45bb286ad40db73d5caf3972551aa52e87b86ccd101e8a82a67b90
- SSDEEP
  
  3072:lehtfACnxTzLLSDWmns5N0XHq9ybRgCPNxP/b8Do+:EhxxLLSDVX3sc7FD0
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan