smokeloader | a9ff748ee948a9a352191298b0f8b71cee1bbb703ee0c3eb5192e0081331926f | Triage

Submit
Reports

Overview

overview

Static

static

472ba07055...99.exe

windows7-x64

472ba07055...99.exe

windows10-2004-x64

Sharing

General

Target

472ba070553f9b49fdb9ba324624bf99.exe
Size

188KB
Sample

221124-je84vahb72
MD5

472ba070553f9b49fdb9ba324624bf99
SHA1

e8836a6a7cda5715e396ea8deb3e97c7faade2f1
SHA256

a9ff748ee948a9a352191298b0f8b71cee1bbb703ee0c3eb5192e0081331926f
SHA512

d0fd2a11b4e9147886b18efc4de4e07088bcc88715f8e34a2ed39d1bb828dc2d4e5e947a791c69353caa0383c270156ba3c3446d60906d7fae341a5fbf9234ca
SSDEEP

3072:zKpGsgK69sPu4ZcbL546S84NG5t2dmRnvhrv12l1RJt17NRE8rVKn41X:yRfpSbL546St3mBvhrslvJbEYK4p

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

472ba070553f9b49fdb9ba324624bf99.exe

Resource

win7-20221111-en

smokeloader backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

472ba070553f9b49fdb9ba324624bf99.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  472ba070553f9b49fdb9ba324624bf99.exe
- Size
  
  188KB
- MD5
  
  472ba070553f9b49fdb9ba324624bf99
- SHA1
  
  e8836a6a7cda5715e396ea8deb3e97c7faade2f1
- SHA256
  
  a9ff748ee948a9a352191298b0f8b71cee1bbb703ee0c3eb5192e0081331926f
- SHA512
  
  d0fd2a11b4e9147886b18efc4de4e07088bcc88715f8e34a2ed39d1bb828dc2d4e5e947a791c69353caa0383c270156ba3c3446d60906d7fae341a5fbf9234ca
- SSDEEP
  
  3072:zKpGsgK69sPu4ZcbL546S84NG5t2dmRnvhrv12l1RJt17NRE8rVKn41X:yRfpSbL546St3mBvhrslvJbEYK4p
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy