smokeloader | 4ec3a319cad3d784a83fb3fb42fe1b18669201c75c45c02d9021e661a3a2f96b | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7-x64

file.exe

windows10-2004-x64

Sharing

General

Target

file.exe
Size

159KB
Sample

221123-xj7y8sab9z
MD5

030f925a3406f704b24cd97c5e3bb943
SHA1

835a13eb1dc87183b4254be978a381c7b432b430
SHA256

4ec3a319cad3d784a83fb3fb42fe1b18669201c75c45c02d9021e661a3a2f96b
SHA512

586bf0a9726854bf0e41e973a9391951abb5694c56c1227fdc59145c1fe9c9ba902e83f88daf9874d1c3e2d450db622c1bc1bac85a1c5150162a01b8986f9149
SSDEEP

3072:9HAD81llOzI7LiLSnUzS5LZESJ7FffacuOyNbqfn8Rxq5RrL:KDdzI7mLSn3ESb1f8eB

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

file.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v2004-20221111-en

smokeloader backdoor trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  159KB
- MD5
  
  030f925a3406f704b24cd97c5e3bb943
- SHA1
  
  835a13eb1dc87183b4254be978a381c7b432b430
- SHA256
  
  4ec3a319cad3d784a83fb3fb42fe1b18669201c75c45c02d9021e661a3a2f96b
- SHA512
  
  586bf0a9726854bf0e41e973a9391951abb5694c56c1227fdc59145c1fe9c9ba902e83f88daf9874d1c3e2d450db622c1bc1bac85a1c5150162a01b8986f9149
- SSDEEP
  
  3072:9HAD81llOzI7LiLSnUzS5LZESJ7FffacuOyNbqfn8Rxq5RrL:KDdzI7mLSn3ESb1f8eB
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy