smokeloader | 97f42e6dfc6f99cd19f5f3ab483ec38775f481538247d213e75304acb90e1c56 | Triage

Sharing

General

Target

97f42e6dfc6f99cd19f5f3ab483ec38775f481538247d213e75304acb90e1c56
Size

273KB
Sample

221206-b8ajdaag8s
MD5

a505f310a93fbfd3632b596bafbda27d
SHA1

e8ed6d0fd2b9f89fc65c064868b60a53d7456692
SHA256

97f42e6dfc6f99cd19f5f3ab483ec38775f481538247d213e75304acb90e1c56
SHA512

11ab305020cd635fd00dcff8286ff2654e32463d0e9e3517dc06fc2cf43569edeccba1c13da9ff43dab85a71d1d9fb4f1f97c48858c8630b47dd920634e41717
SSDEEP

3072:JOXVVR4YZQgN0//adWR5X41U1V/kPgDsHxQkInKPt7CH3YiVRvJTcpbofxpgYgVu:JWc//aURMysHxQnO4YIDc9ecVS

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  97f42e6dfc6f99cd19f5f3ab483ec38775f481538247d213e75304acb90e1c56
- Size
  
  273KB
- MD5
  
  a505f310a93fbfd3632b596bafbda27d
- SHA1
  
  e8ed6d0fd2b9f89fc65c064868b60a53d7456692
- SHA256
  
  97f42e6dfc6f99cd19f5f3ab483ec38775f481538247d213e75304acb90e1c56
- SHA512
  
  11ab305020cd635fd00dcff8286ff2654e32463d0e9e3517dc06fc2cf43569edeccba1c13da9ff43dab85a71d1d9fb4f1f97c48858c8630b47dd920634e41717
- SSDEEP
  
  3072:JOXVVR4YZQgN0//adWR5X41U1V/kPgDsHxQkInKPt7CH3YiVRvJTcpbofxpgYgVu:JWc//aURMysHxQnO4YIDc9ecVS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan