smokeloader | 462eb62ff900c0f28bafae4a597be0f28e4ba7d1d3fb93cd58ad460460fc4fa8 | Triage

Sharing

General

Target

53ac0ae8ae39a472c23c6be9f0235f4bfe11a30ebc90e93a7ebba046302f5fbe
Size

105KB
Sample

221129-yx1mraca79
MD5

5fb8c5a0f9a5e2a2e9b83e32c2acd482
SHA1

2af07755ad42daf0c68224b3b77d6ef3d8687736
SHA256

462eb62ff900c0f28bafae4a597be0f28e4ba7d1d3fb93cd58ad460460fc4fa8
SHA512

249f88ad1ab5b80a1fb69dd6d3bd8da562c622b30a03fe777add384aa09180e4d203384b8290bce965fad9f1750437a9f0ed28078f7b718e9ff499cebccb5a48
SSDEEP

1536:kk/4cz1YJWxM3F5Iw3K0LOqgffJ3nTcdbFkjLt3dBu7Ua0JtBSvgMMjnRS:kknZM3gw3KVqgfBnUyPt3b5aE8vgTw

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  53ac0ae8ae39a472c23c6be9f0235f4bfe11a30ebc90e93a7ebba046302f5fbe
- Size
  
  147KB
- MD5
  
  646178bbbc79efd73945789cb60bc4be
- SHA1
  
  37e74281e5d21d33aaa713965045beadea1cdd95
- SHA256
  
  53ac0ae8ae39a472c23c6be9f0235f4bfe11a30ebc90e93a7ebba046302f5fbe
- SHA512
  
  f23169bbcd27b687c62aab854a08381cb052ab3755e1f9774e37cec4ae9d50827475df8e7cce0325908daeb6d52437909618ac281aeef6d04dd92c7f6f46280b
- SSDEEP
  
  3072:e2s7PaCvJSVUn5TEuKHqTJaHSHAtmzpviVjX/:SWCvJSVJvqTIHQAszp6
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan