smokeloader | 334f9e1af0cb519d3708eb64a94c3cb9923ef07a2ab74b353816c4e394f4f374 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

334f9e1af0cb519d3708eb64a94c3cb9923ef07a2ab74b353816c4e394f4f374
Size

351KB
Sample

221203-r5shsaaa58
MD5

8ae34a1f9bf1d265263eef213ad5ec23
SHA1

4077044932630162ac3d4b707a3355719373edf3
SHA256

334f9e1af0cb519d3708eb64a94c3cb9923ef07a2ab74b353816c4e394f4f374
SHA512

d4b27f491f32fe5c676917a1badc481bbe92e73cce327bfa8892c4f34cac5e0563e18afc56289bad9373fec8c14a04546b09c074499477de6e5e4e51dfefec31
SSDEEP

6144:4Yr4dwAfKxihZc0f71tJJnMW2Rqn+jt3Y:4YmwAfPZJXMW34t3Y

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  334f9e1af0cb519d3708eb64a94c3cb9923ef07a2ab74b353816c4e394f4f374
- Size
  
  351KB
- MD5
  
  8ae34a1f9bf1d265263eef213ad5ec23
- SHA1
  
  4077044932630162ac3d4b707a3355719373edf3
- SHA256
  
  334f9e1af0cb519d3708eb64a94c3cb9923ef07a2ab74b353816c4e394f4f374
- SHA512
  
  d4b27f491f32fe5c676917a1badc481bbe92e73cce327bfa8892c4f34cac5e0563e18afc56289bad9373fec8c14a04546b09c074499477de6e5e4e51dfefec31
- SSDEEP
  
  6144:4Yr4dwAfKxihZc0f71tJJnMW2Rqn+jt3Y:4YmwAfPZJXMW34t3Y
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan