smokeloader | 1f29516dde719e6114e87cd063aa22e4dbceb23da89c86d21b665f0ccc1d11a7 | Triage

Sharing

General

Target

647c7dc1b746bc6b9818c959528d64b8f89c391b8607f787cd0444d031dc5d22
Size

103KB
Sample

221129-3e642aca4y
MD5

17c08c98118ab2431ccc1c532543af85
SHA1

91cc41079066ddc3ee96ea3d09555b3a56fc6afd
SHA256

1f29516dde719e6114e87cd063aa22e4dbceb23da89c86d21b665f0ccc1d11a7
SHA512

d7128c3d5df7028443768d96d0d657be9da00709ab3f8daeb119ba38c187063104aff47089c48c8ef5d486b4d630b852d20f120a95c45edfccff37cda73ab29d
SSDEEP

1536:vUdV0xox6bWZBnNEMBpj3BnexdOWbLTZxpTLedYD3dwFkmmfHiclMFqs42ni:CVd3ZBZBpQLLTdD3d2kmmfCcPs42i

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  647c7dc1b746bc6b9818c959528d64b8f89c391b8607f787cd0444d031dc5d22
- Size
  
  147KB
- MD5
  
  c24aa43de0f0428721d665794a4e30f0
- SHA1
  
  61a5d2d7816fb2e8a866978bbb92864d5f224c99
- SHA256
  
  647c7dc1b746bc6b9818c959528d64b8f89c391b8607f787cd0444d031dc5d22
- SHA512
  
  049ca1363e6d95e07edd1831b49eb839d9aa1d46e70c583dc59dccafdcf34e778fa2669ec6d4dafee7be87d416fdae141b13293124870b3d82457b6b2efb5174
- SSDEEP
  
  1536:eE5ns2ygVKthT5oWaFrDnHXPa695Np5RgO5xMtGH/hT79V+Xemwn4PE6IxEbvqJO:LpBsYLtzv52O5jZgh3E9xEDOyby2M0
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan