smokeloader | 2a777ef4d19fa4387c1fae0cba2d69ca44b071a58b7348346be3eaf98b95e198 | Triage

Submit
Reports

Overview

overview

Static

static

78077ff1e8...4a.exe

windows7-x64

78077ff1e8...4a.exe

windows10-2004-x64

Sharing

General

Target

78077ff1e8c109107f9e8ad54c9a3660e3f8e966d61a5cd6b219e5d5226f104a
Size

104KB
Sample

221129-18jvgscg94
MD5

1c4396e196393be9bac844357e3f933a
SHA1

4acfc9b3b9d647d0739c4dcf54ba6091ecf4ff53
SHA256

2a777ef4d19fa4387c1fae0cba2d69ca44b071a58b7348346be3eaf98b95e198
SHA512

5b14660dcb33c8bb01e0a92abf046b39389586e51f403e9c93e6f5181ff2c9433be4c6d13062caf835750a2b8b18d8647a3cc41caf0f5b3808bd3725f06a5048
SSDEEP

3072:5ist8kcqaEfVPrZelPQKKd9q1AkyxOGSQ0:rtoarwP5KdEAItX

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

78077ff1e8c109107f9e8ad54c9a3660e3f8e966d61a5cd6b219e5d5226f104a.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

78077ff1e8c109107f9e8ad54c9a3660e3f8e966d61a5cd6b219e5d5226f104a.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  78077ff1e8c109107f9e8ad54c9a3660e3f8e966d61a5cd6b219e5d5226f104a
- Size
  
  146KB
- MD5
  
  9b6af8aaca95df0fbced0a38e0f42fec
- SHA1
  
  27f2cb6e6c79f9ec7243c474d89a9017ce1458a0
- SHA256
  
  78077ff1e8c109107f9e8ad54c9a3660e3f8e966d61a5cd6b219e5d5226f104a
- SHA512
  
  d0da8ec346c5063214055e65ad64a3ee8d4d0b07645c1db069a421d47983a24f0e11ec94c990f0eadbd2a05ab38d548992655816965058f56eb9ba592005d415
- SSDEEP
  
  3072:0uFIXsAQyv5ENrlf0f6jMV2XtfhMsiBJ0FDCAvQ:lzAQ5lfC6jp6BJob
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy