smokeloader | 1374ba004030cf62e9613df312a4dfe890719b3f33a1ac704f390854c139fab7 | Triage

Sharing

General

Target

1374ba004030cf62e9613df312a4dfe890719b3f33a1ac704f390854c139fab7
Size

150KB
Sample

221127-yb993ahb3x
MD5

a5e636ae5d1283092fd0a8947ebedccf
SHA1

1e9e07fa12b6a5055a83faab1b318f694e40cbf4
SHA256

1374ba004030cf62e9613df312a4dfe890719b3f33a1ac704f390854c139fab7
SHA512

3429e279d72e1dcd593af47887e833f8a355d3631069bae2b76b8663bcca8edb1b4aaaa47515efc1be414c9e1a0a4bb9984a02e5ea517bb50289a9352773b1ea
SSDEEP

3072:Q9dgwqh0PRn4PmqxTssw5AkPhOTw7gE6E7ZhJAnIQ1:08GPqdsPZOT0g7uc

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  1374ba004030cf62e9613df312a4dfe890719b3f33a1ac704f390854c139fab7
- Size
  
  150KB
- MD5
  
  a5e636ae5d1283092fd0a8947ebedccf
- SHA1
  
  1e9e07fa12b6a5055a83faab1b318f694e40cbf4
- SHA256
  
  1374ba004030cf62e9613df312a4dfe890719b3f33a1ac704f390854c139fab7
- SHA512
  
  3429e279d72e1dcd593af47887e833f8a355d3631069bae2b76b8663bcca8edb1b4aaaa47515efc1be414c9e1a0a4bb9984a02e5ea517bb50289a9352773b1ea
- SSDEEP
  
  3072:Q9dgwqh0PRn4PmqxTssw5AkPhOTw7gE6E7ZhJAnIQ1:08GPqdsPZOT0g7uc
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan