smokeloader | 8f32ace2f9decc7c209d6d247cf16734173a4da2a0322cd11a6ac81744289a17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

351KB
Sample

221203-frzjdsbd7t
MD5

f9a9272b80382b2f1d24c8bcdbf5e8c2
SHA1

dd82a1fe23f26dc105e0d833b11a3781485329aa
SHA256

8f32ace2f9decc7c209d6d247cf16734173a4da2a0322cd11a6ac81744289a17
SHA512

40921cbf5fd045e4441dfd837f8fd21a78c76efff71a294b3c9a413a0fc79a1edbd719ee5ce4bd47456aa5bf49c1d01f681dc6a9b447922c96813d6b279ae2b2
SSDEEP

6144:NX8hIyKLv8L4BcROZczhMfBGodXl+wcuRy7CExjp:N+7K64BfZUoldc+RSrB

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  351KB
- MD5
  
  f9a9272b80382b2f1d24c8bcdbf5e8c2
- SHA1
  
  dd82a1fe23f26dc105e0d833b11a3781485329aa
- SHA256
  
  8f32ace2f9decc7c209d6d247cf16734173a4da2a0322cd11a6ac81744289a17
- SHA512
  
  40921cbf5fd045e4441dfd837f8fd21a78c76efff71a294b3c9a413a0fc79a1edbd719ee5ce4bd47456aa5bf49c1d01f681dc6a9b447922c96813d6b279ae2b2
- SSDEEP
  
  6144:NX8hIyKLv8L4BcROZczhMfBGodXl+wcuRy7CExjp:N+7K64BfZUoldc+RSrB
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan