smokeloader | f196b5f6fa1fdfc9b1f50746b7801525709037b59181e0cbf22662ce4f3513bc | Triage

Sharing

General

Target

f196b5f6fa1fdfc9b1f50746b7801525709037b59181e0cbf22662ce4f3513bc
Size

146KB
Sample

221127-c1l3wada55
MD5

a8474a1fa75b1405282fd7b0d262560f
SHA1

5a398cacba0743e1cddaa21d26ca24b5be056efb
SHA256

f196b5f6fa1fdfc9b1f50746b7801525709037b59181e0cbf22662ce4f3513bc
SHA512

0f82e0606797741580146bbcb61d1bda308c50bd264c704032859714dd0e66c432264c097f4163452f1c20c51ce7b3c5c9aa534a200084abeecd1400547dcf84
SSDEEP

3072:0D+dKsDohyFNB5vjw+9jMpIRXh4mIrmi7DNKaE:9WgF9w+sIVh4mIrVN

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  f196b5f6fa1fdfc9b1f50746b7801525709037b59181e0cbf22662ce4f3513bc
- Size
  
  146KB
- MD5
  
  a8474a1fa75b1405282fd7b0d262560f
- SHA1
  
  5a398cacba0743e1cddaa21d26ca24b5be056efb
- SHA256
  
  f196b5f6fa1fdfc9b1f50746b7801525709037b59181e0cbf22662ce4f3513bc
- SHA512
  
  0f82e0606797741580146bbcb61d1bda308c50bd264c704032859714dd0e66c432264c097f4163452f1c20c51ce7b3c5c9aa534a200084abeecd1400547dcf84
- SSDEEP
  
  3072:0D+dKsDohyFNB5vjw+9jMpIRXh4mIrmi7DNKaE:9WgF9w+sIVh4mIrVN
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan