smokeloader | 52381c89fee471a433994350422ecfd14a37b1bb0a283b27a6cbd7eaf9110ad6 | Triage

Sharing

General

Target

06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f
Size

105KB
Sample

221129-3w411aac53
MD5

018fcd484b7851f257bb91dc1e402a65
SHA1

05334c5bc7c2c8e9fd54678dfe9ceeabbfd86746
SHA256

52381c89fee471a433994350422ecfd14a37b1bb0a283b27a6cbd7eaf9110ad6
SHA512

fd3f6257d3917061b14a03f27e9ff166eec20d8d5a567254a33abf34752dd1a77ff9b4cce29615b9e1cae2d8b07100f9f3944c3c8705c40ee76397c3fe4f0bfb
SSDEEP

1536:Ji8ZDTT0uMGzAZTy7FuRIkKoepH29NYhLVSN+6EhADmLnrAaM2b0cm2np0daj4y2:JiYnTNMG8dx02smEmKLrAH2b0h40sj4L

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f
- Size
  
  147KB
- MD5
  
  96078711b41ef886c3ddfe46bce05edd
- SHA1
  
  43772df107f9da7eff0ad98bae22e199fdcef5f8
- SHA256
  
  06f697894ff06c93ce0abc8c9b517014f250324420506cd54ddb31126707ec0f
- SHA512
  
  414510a06934d85568fb5a51f9cee285da6c0029827e09805e301ad8cdf9f636f8b2205bc8714dd18bf7e0201ae0569d59762a4b7c5c8d39eca334a50de583c8
- SSDEEP
  
  3072:V+XdjHvMfkh5K4x/KcBRva6jp8k8FiZZcaeFC:Y9HUfi1Kz0GeE
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan