smokeloader | 4ef6733c288c2f39fbabe0543e4a01709b86a6ebca10193a95e208bffb99c92f | Triage

Sharing

General

Target

4ef6733c288c2f39fbabe0543e4a01709b86a6ebca10193a95e208bffb99c92f
Size

274KB
Sample

221128-w5x6gsbf8s
MD5

17aa2b0f509a5dd6809ad5873b23442d
SHA1

14a2284919f65ff27e1e22da2791b6d62da5cff1
SHA256

4ef6733c288c2f39fbabe0543e4a01709b86a6ebca10193a95e208bffb99c92f
SHA512

a354afe36b41b9da37e0cb363ccda8cf3f46e86ef173d8156c8c57f66c03486df7ffd7c613220da0fe7814620fa6a36b80d07e7d00f6dfa3c02ae001b6bc6884
SSDEEP

6144:X83Dd2+2WYVANxzXETb71sLfo911D0VFvg4/FQF:mR2+iCtw71gfQ0DgSm

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  4ef6733c288c2f39fbabe0543e4a01709b86a6ebca10193a95e208bffb99c92f
- Size
  
  274KB
- MD5
  
  17aa2b0f509a5dd6809ad5873b23442d
- SHA1
  
  14a2284919f65ff27e1e22da2791b6d62da5cff1
- SHA256
  
  4ef6733c288c2f39fbabe0543e4a01709b86a6ebca10193a95e208bffb99c92f
- SHA512
  
  a354afe36b41b9da37e0cb363ccda8cf3f46e86ef173d8156c8c57f66c03486df7ffd7c613220da0fe7814620fa6a36b80d07e7d00f6dfa3c02ae001b6bc6884
- SSDEEP
  
  6144:X83Dd2+2WYVANxzXETb71sLfo911D0VFvg4/FQF:mR2+iCtw71gfQ0DgSm
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan