smokeloader | 9251e4d0d3f92f96f9484dc240ad5aecd74cd4ebe709fa609c60e6973057e28d | Triage

Submit
Reports

Overview

overview

Static

static

lab.exe

windows7-x64

lab.exe

windows10-2004-x64

Sharing

General

Target

lab.exe
Size

186KB
Sample

221124-t5qejaah5s
MD5

746bacf7a1977e9cd4228989a0287862
SHA1

ef4785397069ec19c0f7e60771a51d1949b05ea6
SHA256

9251e4d0d3f92f96f9484dc240ad5aecd74cd4ebe709fa609c60e6973057e28d
SHA512

e36bf1ef8e5c5a5ca0c7d7b8c3d9a2ff0f08dfaa042e8ea9ea81fba8352d592095d9373e3189a7cfc2ca13b326ded7f98383fe93d8f2c86d87216324c1da6217
SSDEEP

3072:eAsKG2vHpIrSWqLGd/+YlGB5kOcFKgHmqVC/64VykD9nDBE71MnT55P:KKAzqLGd/+85FKc+JBE76nTD

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

lab.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

lab.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  lab.exe
- Size
  
  186KB
- MD5
  
  746bacf7a1977e9cd4228989a0287862
- SHA1
  
  ef4785397069ec19c0f7e60771a51d1949b05ea6
- SHA256
  
  9251e4d0d3f92f96f9484dc240ad5aecd74cd4ebe709fa609c60e6973057e28d
- SHA512
  
  e36bf1ef8e5c5a5ca0c7d7b8c3d9a2ff0f08dfaa042e8ea9ea81fba8352d592095d9373e3189a7cfc2ca13b326ded7f98383fe93d8f2c86d87216324c1da6217
- SSDEEP
  
  3072:eAsKG2vHpIrSWqLGd/+YlGB5kOcFKgHmqVC/64VykD9nDBE71MnT55P:KKAzqLGd/+85FKc+JBE76nTD
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy