smokeloader | 2cd9d2b17a9a5914ab23d81d475dee02ab4cb547f9edc0d39beab296c41bfb82 | Triage

Sharing

General

Target

2cd9d2b17a9a5914ab23d81d475dee02ab4cb547f9edc0d39beab296c41bfb82
Size

139KB
Sample

221129-3zbtmaae28
MD5

af07c487ad31660630153d8c98906c4f
SHA1

714b3760cbf19be5f0ffc406c1a1b4494b62a11b
SHA256

2cd9d2b17a9a5914ab23d81d475dee02ab4cb547f9edc0d39beab296c41bfb82
SHA512

a333ed7802ced5b32c7c7217c7ea6fb38db847e51828dd290d7aa2f3c394b2c2de646542bd3f74274245cda689a3ba06d4328d633016763fa32e5b4b13db55c7
SSDEEP

1536:4pu4YL8U2VMD+smbr5lxzqcTLmbfdgyiwXfwS1Vz3qaZATrsM7q0gJFOkyPFNlT1:OTQqr5ojVPwS/3pZAP4XOkQ35fme

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  2cd9d2b17a9a5914ab23d81d475dee02ab4cb547f9edc0d39beab296c41bfb82
- Size
  
  139KB
- MD5
  
  af07c487ad31660630153d8c98906c4f
- SHA1
  
  714b3760cbf19be5f0ffc406c1a1b4494b62a11b
- SHA256
  
  2cd9d2b17a9a5914ab23d81d475dee02ab4cb547f9edc0d39beab296c41bfb82
- SHA512
  
  a333ed7802ced5b32c7c7217c7ea6fb38db847e51828dd290d7aa2f3c394b2c2de646542bd3f74274245cda689a3ba06d4328d633016763fa32e5b4b13db55c7
- SSDEEP
  
  1536:4pu4YL8U2VMD+smbr5lxzqcTLmbfdgyiwXfwS1Vz3qaZATrsM7q0gJFOkyPFNlT1:OTQqr5ojVPwS/3pZAP4XOkQ35fme
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan