smokeloader | 8da1760217421386d5557fc5583efc132a4b2f10be09ebf863fe25850db3c595 | Triage

Sharing

General

Target

3ce17f00e34fae799986833f985ed70be310f7290def5b53264ef0f209e56194
Size

175KB
Sample

221206-cf82xabb71
MD5

6c02db040d307d195fe587eb1a80b54d
SHA1

2341ff64952693a8420e6a43a6b00fd251c87e50
SHA256

8da1760217421386d5557fc5583efc132a4b2f10be09ebf863fe25850db3c595
SHA512

42144e973ec758630127adea06d75b0360fe549b7da3e8628588d7b6bb31ed6566a7c30a8419f8139e76736df4532b6d3f2f8ee387ee9a97ab5f27a1e52900ec
SSDEEP

3072:x1BvpcyIefGd/ALulfFszejRAwj5S+qVn0SLIKL+UwLwkSwoBZlwRkrTVLK:x7po+GntKKRAyeB0SUW+D8kSwOZaaN+

Score

10^/10

smokeloader backdoor trojan

Malware Config

Targets

- Target
  
  3ce17f00e34fae799986833f985ed70be310f7290def5b53264ef0f209e56194
- Size
  
  273KB
- MD5
  
  430f716dcc3b5f288de47bb4d6ddb2db
- SHA1
  
  0d7b0ec982082bcea3f57820de4cdd67a1d005f8
- SHA256
  
  3ce17f00e34fae799986833f985ed70be310f7290def5b53264ef0f209e56194
- SHA512
  
  ad294cabce019a9a1e9cd8dc25e37754c22ba1e0b1937293d307614ec638dd5d173343077687edb9d7185adef49830c19dc1cb80184078629c5e94c2f8079046
- SSDEEP
  
  6144:q9T43mEiPUqpr4TfKRAyeD043IDcjP/VS:q9ifiPUurVyUTDcDVS
Score

10^/10

smokeloader backdoor trojan
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

smokeloaderbackdoortrojan

behavioral2

smokeloaderbackdoortrojan