smokeloader | 2c7c9aef7461f50786310833b0556ea18279465bd014aab27011b766ada62735 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

185KB
Sample

221201-kwl63scd46
MD5

4b23178b22131ab86aec7889840fac4f
SHA1

7f7e2b80925f103d3e1920b83cfd49b2609f4958
SHA256

2c7c9aef7461f50786310833b0556ea18279465bd014aab27011b766ada62735
SHA512

1a436cdc7fefefeaa5ab8db6b1191049538538328a15e2360e6334904fa821c59f969fcbf772766c7efb48ebc2cf60683f574eff02f02a48770340ad0d5a8a51
SSDEEP

3072:iOJyMdNV/knSLxz+4ODrC5P5DTB5o0S/acBbVfs6IdqlxKRw+6x+Y:i9MOnSLxz+4DD95odl8mx+Mx

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  185KB
- MD5
  
  4b23178b22131ab86aec7889840fac4f
- SHA1
  
  7f7e2b80925f103d3e1920b83cfd49b2609f4958
- SHA256
  
  2c7c9aef7461f50786310833b0556ea18279465bd014aab27011b766ada62735
- SHA512
  
  1a436cdc7fefefeaa5ab8db6b1191049538538328a15e2360e6334904fa821c59f969fcbf772766c7efb48ebc2cf60683f574eff02f02a48770340ad0d5a8a51
- SSDEEP
  
  3072:iOJyMdNV/knSLxz+4ODrC5P5DTB5o0S/acBbVfs6IdqlxKRw+6x+Y:i9MOnSLxz+4DD95odl8mx+Mx
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan