smokeloader | af011fe60885339c7547e3d30762207e62882cd21329ece34217a6705a8b3c04 | Triage

Submit
Reports

Overview

overview

Static

static

06f697894f...0f.exe

windows7-x64

06f697894f...0f.exe

windows10-2004-x64

Sharing

General

Target

06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f
Size

105KB
Sample

221129-3t1kssdb8t
MD5

4ae5af648f300a20a22b4fec5028bde9
SHA1

96ac69d854f7de518668c403eb1ed4f91f2e7fe3
SHA256

af011fe60885339c7547e3d30762207e62882cd21329ece34217a6705a8b3c04
SHA512

3072c49a5c235987f733358c475c2ef33c97bf13b54e830caad3188a786e2dde41b6abfc10a25c74b533e2d4f465cfa24aea9ead30cd97d83776c3163271056c
SSDEEP

1536:8i8ZDTT0uMGzAZTy7FuRIkKoepH29NYhLVSN+6EhADmLnrAaM2b0cm2np0daj4yv:8iYnTNMG8dx02smEmKLrAH2b0h40sj46

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f.exe

Resource

win7-20220901-en

smokeloader backdoor trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f.exe

Resource

win10v2004-20220901-en

smokeloader backdoor trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f
- Size
  
  147KB
- MD5
  
  96078711b41ef886c3ddfe46bce05edd
- SHA1
  
  43772df107f9da7eff0ad98bae22e199fdcef5f8
- SHA256
  
  06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f
- SHA512
  
  414510a06934d85568fb5a51f9cee285da6c0029827e09805e301ad8cdf9f636f8b2205bc8714dd18bf7e0201ae0569d59762a4b7c5c8d39eca334a50de583c8
- SSDEEP
  
  3072:V+XdjHvMfkh5K4x/KcBRva6jp8k8FiZZcaeFC:Y9HUfi1Kz0GeE
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy