smokeloader | 515a347c42d336daf7f75144acd5a3fb1bc11ddb306c900808ff23f327c6155f | Triage

Submit
Reports

Overview

overview

Static

static

a10ae4664c...88.exe

windows7-x64

a10ae4664c...88.exe

windows10-2004-x64

Sharing

General

Target

a10ae4664c0ca545e23219fb56fccf6c5cfb2d1aacad5af66cd183deb4606988
Size

126KB
Sample

221123-xcfw6see94
MD5

5317a7b9ba40035ce92c19d59a7a882c
SHA1

5627791f014dd200b197d46e2a9b24fca0eab2b8
SHA256

515a347c42d336daf7f75144acd5a3fb1bc11ddb306c900808ff23f327c6155f
SHA512

31610d717ad9449ea90e762cd6b4b5586e6a475881dc53e752d6e82b0afbb210b7aef56742e5477ad672da083bea5676ef03fccd6d54c93f3ce092bae07076eb
SSDEEP

3072:6RoRpkegjRBlPv/1qDJM3kkfvrDjKH1SaMCxQQ+S02HQ1O:6R1RBhvdqm3k0K1SajxQQK2wQ

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

a10ae4664c0ca545e23219fb56fccf6c5cfb2d1aacad5af66cd183deb4606988.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a10ae4664c0ca545e23219fb56fccf6c5cfb2d1aacad5af66cd183deb4606988.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  a10ae4664c0ca545e23219fb56fccf6c5cfb2d1aacad5af66cd183deb4606988
- Size
  
  186KB
- MD5
  
  d2e0a8b004e9d159fa9b733e6c3ce51b
- SHA1
  
  cae2d2dcb30fe1a9b6807d8cd17fe9380f288663
- SHA256
  
  a10ae4664c0ca545e23219fb56fccf6c5cfb2d1aacad5af66cd183deb4606988
- SHA512
  
  1062ac90d6dd9a9143dd87322a7c8f81e80ac68647c2fea6ca0364bdd396591897723c7d3d4f66ddc7e898aae0a7063feae350112d594310a0bf22e1145778ac
- SSDEEP
  
  3072:3DAZxCwSP3kLEw4WVko5nRp8WonpkwaMCxQQ+S02GxIsmF+0xbOj:TA4P0LEw4WB8nSwajxQQK2gI1FBxbOj
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy