smokeloader | bf208fc9b92c061d4754d3528e7176d19348176aebb5bbf84a1edbd203a308dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

424e38aef866b35155b098f315ac1bb00ae6550b2856f5b47667ed859cf236f0
Size

115KB
Sample

221127-ta5kzahh26
MD5

8fa29c99461217ceae81c59eed2fd5fa
SHA1

5ff81ecee75d30a30126109e69fdcadc5355b571
SHA256

bf208fc9b92c061d4754d3528e7176d19348176aebb5bbf84a1edbd203a308dc
SHA512

32d3284730eaa6b66f591bbc3d6512b0d98d7441f64e344cfa599a85463cbc8998e4e357486ab4905d72c0e056d80a3d99a2b2b10368249d819d12e61cb5726f
SSDEEP

3072:vu/19hOAdWEca2/uAKZK006mj+NZzcX56u:m9hOLEZvxK0068+XcX7

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  424e38aef866b35155b098f315ac1bb00ae6550b2856f5b47667ed859cf236f0
- Size
  
  168KB
- MD5
  
  9831ca5d7052b34c78fd323a2e557fd3
- SHA1
  
  33cc39182abfe7f2c777fa7c5faa52b8e30b7f63
- SHA256
  
  424e38aef866b35155b098f315ac1bb00ae6550b2856f5b47667ed859cf236f0
- SHA512
  
  c54d3f26d05b89058d3f3fc7fa830aaf81e21faa9103030347d14bb30638502be0f96c4dffbaf0cb383e158487190ebe98a4db0f73a6de907d30b20800a09e11
- SSDEEP
  
  3072:rjN9fE1GTK5KS5kuh/wu9hzguRVVgitpb4IQ40:Ps16K5N/T9hcuRVuUd
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan