smokeloader | 30450d157e3883cc9bbe7169a95d6db142f0ca2efaf54d6531fff530d143443f | Triage

Submit
Reports

Overview

overview

Static

static

3d00aebac4...d6.exe

windows7-x64

3d00aebac4...d6.exe

windows10-2004-x64

Sharing

General

Target

3d00aebac49db2e4ab25953d7832f4bb204348f521aa980854a433eaacd698d6
Size

104KB
Sample

221130-afj2nsbb52
MD5

f30fbd7f12f960ef2801bad8268dd450
SHA1

214c5fb13ae21ff1f091de5088746784d3e42863
SHA256

30450d157e3883cc9bbe7169a95d6db142f0ca2efaf54d6531fff530d143443f
SHA512

74f2a822873bbabaf71d47cb8058b9a3d2e9323f055ef0f0170ba7675346e5ffdd3e052a2404e8f6645add5103c630fab3b6a605aaf39a3c3299cbf8490fcb35
SSDEEP

3072:U9TRwU1enKaU6g3Bi/Q1fGJn+xlbvoENZFOmUkNoE4IfNF+:UBRt6f/6eJWljZNZF3UkNoEe

Score

10^/10

smokeloader backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

3d00aebac49db2e4ab25953d7832f4bb204348f521aa980854a433eaacd698d6.exe

Resource

win7-20220812-en

smokeloader backdoor trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d00aebac49db2e4ab25953d7832f4bb204348f521aa980854a433eaacd698d6.exe

Resource

win10v2004-20220812-en

smokeloader backdoor trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  3d00aebac49db2e4ab25953d7832f4bb204348f521aa980854a433eaacd698d6
- Size
  
  148KB
- MD5
  
  35d5a55f52e562b4258cfe15b23cfc39
- SHA1
  
  347fa20dfca7ed9ac30003d2773f56f95a4c1335
- SHA256
  
  3d00aebac49db2e4ab25953d7832f4bb204348f521aa980854a433eaacd698d6
- SHA512
  
  75dbc48d0e2391d90c0d4b89dc6500408467939271ea9a28722480860f0a599c01bd391cfc393a738626ada42dccf9a50754f77fa992d3fb1012098c5c9743e0
- SSDEEP
  
  3072:3DAoNnjjh5nGv9hqEhukLaR0pqji9k+NWXF/OhYywN5dINM/:U6njni9IEhukLaGpMINWXF/OhYywN5Oq
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan

© 2018-2024

Terms | Privacy