smokeloader | d86a374168cb5cf6f73a319658eb5677b4da9b647f4948d4564fe514ac1a7fb3 | Triage

Sharing

General

Target

9a319cf220a3b2553e1914540b68dbfa1a0cdbc1e135e7388148a72e3c3c6b1d
Size

192KB
Sample

221204-f3zcrsee7z
MD5

901a0e0805ff2533f58ee68ec635180b
SHA1

42c98344c477b80e339c1c26276b2c56c643fc96
SHA256

d86a374168cb5cf6f73a319658eb5677b4da9b647f4948d4564fe514ac1a7fb3
SHA512

b9b730c012ef5e9ab3f17845aa1316817f24c113d8bc626dbf9fd720b70a25c9c3734587f2f412cfe66d41770545b92ad94638f60ecc8ef189a2cb003f562b11
SSDEEP

3072:NJtwb1YWuzIdPq/STOrbcl3MC+YH5nf6cd8DTFU63L6ZK4dIoW/gFA9:NJtwB3+W0cS0feDT3UtIF/f

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  9a319cf220a3b2553e1914540b68dbfa1a0cdbc1e135e7388148a72e3c3c6b1d
- Size
  
  350KB
- MD5
  
  5464002ac36ec5514788baa15c3762d3
- SHA1
  
  a65bd46bf4ab13a1c6c6e7652eb09d4828a23ae6
- SHA256
  
  9a319cf220a3b2553e1914540b68dbfa1a0cdbc1e135e7388148a72e3c3c6b1d
- SHA512
  
  7597d62b48148fdd29345c85cfd0ca65d5cecea8652902f75e689147aeba05bd817b8acee9155110dd287f8a8a63e48371186e90449901eec8277c8c8f4e1408
- SSDEEP
  
  3072:G+CIAWAPJPI5AB/qfal3MC+YH5nWP7OtJY9GnWNTC6NRMHnlX1pjC0JviHYDrEmU:gWeJP5B/qiS0wxgnMW2Rqnf3JiY
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan