smokeloader | 05581c40ffe6b5631c5ecbbe13083483c272ad33339f102f8b4ffecb520f3512 | Triage

Sharing

General

Target

05581c40ffe6b5631c5ecbbe13083483c272ad33339f102f8b4ffecb520f3512
Size

167KB
Sample

221125-x412esch5w
MD5

4d8f8fdcaaf332e3376eaf4987d2f36c
SHA1

36f8b6b35407e6af3a23d57d82ef318bddf6bf75
SHA256

05581c40ffe6b5631c5ecbbe13083483c272ad33339f102f8b4ffecb520f3512
SHA512

af826f24d6e016e551162267ac70acb42959b5759616f3424edf00d4c72f158bd5b81bcec2e224c3df264f8ef9cd1b5b57e34d87bdeb31c83b4de3fd4e7ad86d
SSDEEP

3072:7ATLtJYUU4Cu5LS5KYNm4NaVDZvBA0mmjVpPaoUBS3dj:waUbf57QlY7vBA0Lh5Q+

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  05581c40ffe6b5631c5ecbbe13083483c272ad33339f102f8b4ffecb520f3512
- Size
  
  167KB
- MD5
  
  4d8f8fdcaaf332e3376eaf4987d2f36c
- SHA1
  
  36f8b6b35407e6af3a23d57d82ef318bddf6bf75
- SHA256
  
  05581c40ffe6b5631c5ecbbe13083483c272ad33339f102f8b4ffecb520f3512
- SHA512
  
  af826f24d6e016e551162267ac70acb42959b5759616f3424edf00d4c72f158bd5b81bcec2e224c3df264f8ef9cd1b5b57e34d87bdeb31c83b4de3fd4e7ad86d
- SSDEEP
  
  3072:7ATLtJYUU4Cu5LS5KYNm4NaVDZvBA0mmjVpPaoUBS3dj:waUbf57QlY7vBA0Lh5Q+
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan